* Doubts over data security on U.S.-owned servers
* Switzerland has long tradition for privacy
* Swisscom can only guarantee data security within borders
* Improvements in technology will put focus on location
By Caroline Copley
ZURICH, Nov 3 Swisscom is building a
"Swiss Cloud" that could loosen the grip of U.S. technology
giants and attract foreign companies looking for a way to shield
sensitive data from the prying eyes of foreign intelligence
Companies are increasingly turning to cloud computing - an
umbrella term for technology services such as email and business
software offered remotely via the Internet instead of on-site -
to cut costs and add flexibility to their IT departments.
But revelations that the U.S. National Security Agency (NSA)
secretly gathered user data from nine big U.S. tech companies
including Google, Apple and Facebook
has demonstrated that privacy for users of cloud services can be
compromised, and some suggest customers could seek out
alternatives to the dominant U.S. providers to try and protect
Swisscom's head of IT services Andreas Koenig told Reuters
the telecom provider's decision to set up a home cloud was
unrelated to the recent NSA revelations and driven more by a
desire to cut costs and make its systems more dynamic.
Still, as the technology to protect against illegal threats
progresses, Koenig says it will start to make more sense to
store data in locations where strict privacy laws make it harder
to retrieve sensitive information.
"Data protection and privacy is a long tradition in
Switzerland, and that's why it's pretty difficult to get to
something," Koenig said.
"But if legal requirements are there and we are asked by the
judge to obtain or deliver certain information then we would
obviously have to comply with it."
Unlike in the United States, where the 2001 Patriot Act and
the 2008 Foreign Intelligence Surveillance Act (FISAA) gives
U.S. intelligence agencies the power to carry out mass
information gathering, Swisscom would have to receive a formal
request from a prosecutor before allowing access to data.
Yet while Swiss privacy laws will govern data stored locally
in Switzerland, Swisscom says it is hard to guarantee the
security of data that crosses borders, such as information
exchanged by employees working in different countries.
Concern over the extent of foreign intelligence access to
data has unnerved many countries, including Germany, where
state-backed Deutsche Telekom wants communications
firms to collaborate to shield local internet traffic.
Swisscom, which is majority-owned by the Swiss government,
wants to be at the forefront of new technology to monitor and
detect illegal threats, such as hacking.
"If you are a provider in a cloud environment you need to
apply the highest standards of security you can get," said
Koenig, adding the company was implementing new ways to look at
intrusion and data threats.
He said improvements in technology such as HTML 5, a new
programming language for websites that can support apps on many
different platforms, would make it harder to retrieve data.
"It's like opening a data tunnel from the server to your
screen and then displaying the data on your screen. That makes
it pretty, pretty difficult for anyone to see what's there."
In Switzerland, which upholds privacy and data secrecy for
its citizens and has long profited from providing discreet
banking services to foreigners, the NSA surveillance furore is
The Swiss government is worried about surveillance of
Switzerland's more than $2 trillion financial centre and is
seeking measures to ensure against spying, Basler Zeitung
reported last week, citing sources.
Swisscom is subject to regulation requiring it to store all
client data in Switzerland. The company counts banks among its
biggest clients, and the country's financial regulator FINMA
also stipulates that data and data transfer must happen within
For now, the company is focusing on its Swiss-based clients
but says it would have the capacity to support demand from
foreign companies seeking a privacy haven.
Koenig declined to disclose how much Swisscom was investing
in its cloud nor how much it was planning to charge potential
clients for the service, but said it would be competitive with
other providers such as Amazon Web Services and
International Business Machines.
He said Swisscom's goal was to have 70 percent of its own IT
infrastructure in the cloud by 2016, the equivalent of 200-300
petabytes of data. According to analysts at Deloitte Analytics,
it would take 223,000 DVDs to hold just one petabyte.