With cloud computing and services continuing to attract more business and a wider variety of consumer, the impact on the economies of nations worldwide could be significant. However, new regulations coming into place in Europe could prove to be devastating to small SaaS cloud providers, leaving the marketplace to be dominated by behemoths such as Amazon, Google and Microsoft, all companies that are based in the US.
The General Date Protection Regulation (GDPR) was passed as a EU regulation this past spring, and will begin to be enforced in the spring of 2018, allowing a two-year grace period for providers to augment their services. The law is designed to protect the personal details and data of consumers across the EU, but it is thought that the regulations are so stringent and difficult to manoeuvre that only companies with resources as great and numerous as the aforementioned conglomerates can hope to escape largely unscathed by potentially crippling fines.
Kuan Hon, a data protection expert, told the recent Cloud and Infrastructure Summit that the GDPR differentiates between data controllers and data processors, with the ordinances burdening those at the bottom of the digital supply chain. At this point, many start-ups are at bottom of that supply chain, and so if a particular service is found to be in fault, the burden will fall on the start-up, not necessarily their customers that may actually be responsible for the issue.
The costs associated with being on the wrong side of the GDPR could be enormous, with one estimate of UK providers suggesting that, had they been exposed to the GDPR, the total fines would have totalled a staggering $122 billion.
Though Amazon, Google or Microsoft can afford the odd fine, just one instance may put a start-up out of business. This could interrupt the development of cloud offerings in Europe should amendments not be offered or other alterations made.
By Keith Sonia