PRISM Sends Swiss Hosting Companies a Windfall

“Switzerland is renowned as a safe place to house money”, said Mateo Meier, director at Artmotion, in an emailed statement. “The stringent laws which govern Swiss banks are derivative of the nation’s approach to privacy, and now the country is fast becoming the ideal location for storing data too.”

He added that the growth is at the expense of US-controlled cloud services, such as Amazon Web Services and Azure.

“Swiss ‘private’ hosting companies are seeing huge growth because privacy in Switzerland is enshrined in law,” Meier said. “As the country is outside of the EU, it is not bound by pan-European agreements to share data with other member states, or worse, the US.”

He added, “With US cloud service providers subject to US laws, the government can request business information under the Foreign Intelligence Surveillance Act (FISA) without the company in question ever knowing its data has been accessed. Following these revelations, questions have also been raised about the safety of employees using file sharing software like Dropbox and online office resources such as Office 365, which are hosted in the US and the EU.”

Amar Singh, CISO of News International and chair of the ISACA Security Advisory Group (SAG), has a slightly different view.

“Regardless of where you are - you could be anywhere on the planet - if you don’t want anyone to look at your data and you don’t encrypt it, you have no assurance it is safe from prying eyes,” he said in an emailed comment. “No doubt Switzerland has much tighter laws, but if you don’t encrypt data, it is always open. More importantly, you need to hold the keys to your encrypted data.”

Regardless, raising the lid on PRISM clearly has some worried. Panayotis Vryonis, a Greek entrepreneur who’s working on building a startup that will offer data archiving services, said that he’s going to be avoiding US hosting.

“It looked like a good idea to host our data (our clients’ data, to be precise) with someone like Amazon AWS, Google AppEngine or Microsoft Azure,” he said in a blog. “Not any more".

He added, “I know I’m deeply worried about my data stored by GMail, Amazon, Facebook and the rest. My clients will probably worry too, if I host their data in the US. Why would they want to store their digital archive in a country where government agencies have the right to secretly access it, without a proper court order?”

In the US, citizens are a bit ambivalent about PRISM. In a survey in Time magazine, 55% said that they already knew the government was collecting phone-dialing records, emails and Internet search records of potential terrorists, and 48% said they approve of the practice to prevent acts of terror. A full 63% however said that they are concerned about government misuse of their information.

What’s Hot on Infosecurity Magazine?