Skip to content

The future of mobile

The world of mobile communication is changing. First we have seen new players shaking up the device market. Then we have seen disruptive changes in the mobile communication tariffs. We have seen mobile providers unbundling the communication cost from the handset cost. Flat rates were introduced and the traffic has changed. It has shifted from voice towards data or to be more precise towards video. In the future it is expected that two-thirds of the traffic on a mobile device will be video content.

How do the mobile operators react? How can they react?

Everybody is searching for the killer application and this did start long before the introduction of smartphones. The term “Content is King” has been around for a while as well. It seems like the killer app has been found – it’s video. But does that do the mobile operators any good? Do they own the rights on publishing videos in the internet? Do they operate video platforms like YouTube or Vimeo? No, they do not. So how can they jump on the wagon to profits in the future and avoid be marginalized to “stupid” bandwidth providers?

Content

One approach is to force an entry into the content world. Deutsche Telekom and T-Mobile are a good example. They acquired the rights for the internet presentation of the German Bundesliga. That is quite an exclusive content.  On the backbone of this and its IPTV offer for  DSL customers Deutsche Telekom is building a package of content that could compete with the likes of Apple (Itunes), Google (YouTube) and Amazon that have had a head start on the content side of things. The weak spot of the Telekom approach is that so far it is a rather regional strategy. Even while the Bundesliga is a global product, though not as global as the Premier League, it is not enough to generate a global pull towards their mobile products.

So content is a market already claimed and making inroads there will be difficult.

A second part of the Deutsche Telekom approach is the so-called “Telekom Cloud”. A central space to store user-generated content. This is much more the idea of a digital locker rather than a sharing platform like YouTube. But being device independent, it is a competitive approach to the iCloud offering of Apple. It sounds like a great idea in the first place but over time there will be comparable offers in the market that will be neither tied to a network provider (fixes and/or mobile) nor to a hardware manufacturer. The digital locker will become a feature but not a differentiating factor.

Better Infrastructure

The race is always on. It is the drive for who has the maximum bandwidth, has a global delivery capacity and who can drive down complexity and therefore costs. New models will emerge that go hand in hand with the move towards video content. Local caches in the domain of the provider to deliver videos and other content faster are one approach. Even constant pre-streaming towards mobile devices will be a way to make life easier, especially when mobile tariffs are not driven by amount of transferred MBs or GBs anymore. So as a mobile operator you could try to be on the bleeding edge of technology to keep your customer base. You could ensure that you create a continuum with fixed communications and broadband at home. But on the bottom line this way is very investment heavy and still bears the risk to be marginalized to a mere infrastructure provider.

Mobile Advertising

This is the killer application of the new century. The company that figures out the solution to this will be leading the pack. Why, you wonder? Isn’t there already mobile advertising in the play? Have you not seen an ad lately while playing Tap Zoo or Poker on your iPhone? True, but let’s face it, nobody yet has successfully opened Pandora’s Box of mobile advertising.

Mobile advertising in people’s minds is like small pop ups in applications, a short spot prior to your video content being streamed or even a voice message like “This conference call is brought to you by Old Spice”. And with the majority of these kinds of approaches to mobile ads we are unhappy at least. I do wonder why the more subtle ways of e.g. in game advertising from console games have not yet found their way towards games on mobile devices. I keep thinking about more clever ways to attack this.

The company that solves mobile advertising challenge will drive the future of mobile revenue generation. The company should make sure to get a patent on it first. It cannot be that difficult if Apple gets a patent on “slide to unlock”. It has to be the top priority for all mobile operators! Otherwise the risk to become irrelevant in the future is extremely high. If someone like Google or even Microsoft cracks this, the role of the vodafones, Deutsche Telekoms, Verizons, KPNs, and so on will be reduced towards providing bandwidth. I am not even sure whether their brands will remain in the public domain or whether they will become kinds of white label infrastructure providers in the background. That could be a profitable business but I believe it is not what these companies aim at.

One example of the “how to cash in on mobile” discussion has come up lately is the upcoming IPO of Facebook. Their weak spot has been identified on the mobile site of things.

“We do not currently directly generate any meaningful revenue from the use of Facebook mobile products, and our ability to do so successfully is unproven,” the company said in its review of the risks it faces.

Have a look here for a good summary of the mobility challenge of Facebook: http://www.nytimes.com/2012/02/06/technology/facebooks-mobility-challenge.html?_r=1&pagewanted=all

And what does that mean for consumers?

The consumer focus will shift over time. The key question will not be who is the first on LTE or the cheapest. The question will be who has the rights to the content I want or need. What happens if the rights move from one provider to the other? Will that impact my device or my contract? This shift will be happening within the coming years. It will require the consumers to rethink their strategies of purchasing contracts. Even nowadays the drivers have changed already with flat rates where you can get flat voice to all mobile networks and to the fixed line network and flat mobile internet starting at around 20,-€ a month. Some predict the drivers will be the devices but as we see with iPhone, exclusivity towards networks does not stand in the long-term. So the device will not be the decisive factor for consumers to choose one network over the other.

Interesting times

It is not easy to drive this post to a conclusion as I do see tendencies but do not have all the answers. But I can say: Watch the Space. It will be interesting to see how all these changes play out. We will see further consolidation, new players and shifting market models. It is a climax of what has been discussed in the mobile operator world at least for the past ten years.

Cloud Strategy – is that a must have?

I remember it quite well. A few years ago a appeared on the stage where one of the very first slides had an analyst statement that CIOs without a cloud strategy would be out of role within 12 to 18 months. That was a very bold statement and I believe looking back it is fair to say it was not true. I have not heard of a single CIO being fired due to a lack of a cloud strategy. I admit this could have three reasons:

  • All CIOs created a cloud strategy
  • I am not well-connected enough get the word that hundreds of CIOs were actually fired
  • The importance of a cloud strategy was lower than expected at that time

I do actually believe it is the third statement that is true. The question whether you do have a cloud strategy or not is just the wrong question. At that time cloud was discussed and perceived as something separate. Something you must consider to keep your edge. If you ask me this view was driven by two major influencing factors. First there was the hype carried by the media and some professionals and secondly by a strange but still existing technology focus.

Another example for the visor being misaligned is a discussion I had with some sales folks from a combined software/SaaS vendor. I was asked what I do perceive as the strongest competitors for the SaaS offering. My answer was and still is the following:

  • “do nothing” / upgrade of existing environment
  • Classic hosters / outsourcers
  • Competing cloud vendors

This got the confused big time. The first statement was explanatory for many difficulties in selling cloud successfully. Nobody goes out and asks “Can I get two kg of cloud”. They do have a recipe in mind and would take whatever helps them to cook the meal best. In other words the customer thinks in workloads in the first place and would (should) consider all delivery options.

This is the reason why I strongly advice customer that they do not need a separate cloud strategy.

What you need to make sure as a customer is that you embed cloud computing as an optional route to go into your IT strategy, into your sourcing strategy, into you application development strategy, etc. If you want you can go the extra mile and pull the cloud pieces of these areas together in one document and call that you cloud strategy but that is really more a less an internal marketing effort.

If you start with the cloud strategy in top of your mind and try to go down to the bottom of all your accountabilities in IT you will create complexities and additional work you do not want. The way I do suggest customer enables them to look at workloads, create segments where cloud delivery can add value and embed these into your broader IT strategy. The key word to gain benefits from cloud computing is segmentation (more here: https://clouddiscussions.wordpress.com/2012/01/19/the-silver-bullet-to-cloud-computing-segmentation).

So the bottom line message is:

Cloud Computing is another arrow in a CIO’s quiver

As the strategy is the combination of arrows in the quiver there is no need for a separate cloud strategy. Just make sure it is included in all the other related IT strategy discussions.

The silver bullet to cloud computing – segmentation

Identifying usage scenarios for cloud computing is a challenge for providers and IT departments alike. Due to that the public discussion on cloud computing mainly gravitates around technology or data privacy. Another blocker really is a row of misconceptions. One of these misconceptions seems to be quite dominant in the range of SaaS – All or Nothing. But even in the other areas, platform and infrastructure, there is no clear view on usage scenarios yet.

Learning #1: Sales Approach

Sell through examples is really what will win in the end. Do not sell by explaining that you got the best technology but come up with usage scenarios (example scenario). Create customer reference stories around great ideas how to use the service. You have to make sure that you create a story explaining the business benefits rather than e.g. the migration story. Even if your migration story puts you ahead of competition it is important to get a picture about the usage scenario into your customers head in the first place. Why worry about migration if I just do not know what to use the service for.

Learning #2: Segmentation is what creates opportunities

For all kinds of public cloud services (from IaaS through PaaS to SaaS) the silver bullet is segmentation. The reasons for that is that unlike in the past where one size fits all was an approach due to limited delivery options/capabilities and lack of scale, the cloud computing approach of “on demand” lowers the entry barrier.  To consider cloud computing and build a plan you need to look at your workloads and user groups and analyze them in detail. You will have to come up with a make or buy decision where buy will probably include more than just pure cloud computing.  They key piece is to identify workloads that would fit the cloud delivery approach. This could be guided by any of the following areas of consideration:

  • Data privacy
  • Continuous demand versus peaked demand
  • Level of standardization / need for customization
  • Cloud as the primary delivery option or an add-on
  • Cost
  • Service Levels
  • Lead time on demands / lead time on delivery readiness

Let me give you two examples to go a little bit beyond theory. The first example is about a company designing complex products like cars. There are many calculations and simulations to be. You can bet that there is computing power already in place to do the number crunching from variants of the gearbox through to virtual crash tests.

But the reality is that the departments in need of a complex calculation job need to file the request and wait to get a slot granted. Often this could take several weeks just due to the sheer amount of jobs needed. Here cloud computing could help significantly. You might want to look at the jobs and try to understand where you would be able to speed up things by using external capacities in the cloud. Where can you gain flexibility and business agility by combining your internal forces with the computing power in the cloud? It is not about replacing the local number crunching completely but to shave of peaks or react on short-term needs in a more flexible way. As a result you can shorten your lead times on new products while reducing the cost (direct – investment in additional computing equipment; indirect – less idle time or distraction for the teams involved by shorter lead times on results). On top of that segmentation of jobs also allows you to cater for security needs as you can ensure that the top-secret jobs run in-house while less critical ones can run in the cloud.

This example even works in areas usually restricted from using the cloud. In Germany health insurances, amongst others specific business,  are not able to generally go to the cloud with PII due to the law (§210 STGB). They might still do it with anonymized data for risk assessment or statistical calculations. Again a usage scenario opens an opportunity in a vertical that seems not be a market at all. Which would be Learning #3: Be creative.

The second example is a straightforward SaaS collaboration example.  Most discussions around the pickup of cloud based email or collaboration tools start with a look at the whole user base. By applying this view many discussions are dead in the water from the very beginning.

But by looking at the segmentation of the existing user base and even beyond that, e.g. users without access to IT at all, opportunities to utilize the cloud will appear. It is just a different view that will let you see beneficial scenarios.  You could cater for the different needs with the most fitting offering and also cut down cost while not cutting down functionality. The people who need very high reliability and total privacy are being served locally and are happy to pay a premium, the general workforce can be served from the cloud in different forms of usage and the group without access to IT so far may go for a kiosk user model. You might want to think in workloads as well as where you have people working in shifts without an own PC and without the dependency on client software. These users might be totally happy with a web-based cloud standard offering at a lower price point. Also you might want to just use cloud computing for specific maybe temporary usage scenarios. So you create something that might live for some months but instead of buying hardware and software you just use cloud computing for a few users.

If you think about it this where cloud computing starts to deliver real value beyond just cutting costs. It also clearly shows that the so famous “one size fits all” approach of some cloud providers may not the best choice for your enterprise.  In the example of Google Apps this was recognized by some partners who have created hybrid solutions and scenarios. So sometime you have to look beyond just the cloud provider to find a solution that fits. But as the mantra for every great cook is “preparation is everything”, you should analyze your need and maybe look at ways of using cloud computing that might not be obvious in the first place.

Cost Savings as the only driver for the move to the cloud?

Is it not what we all get drilled into us each and every day that cloud computing is just cheaper and saves a whole lot of money. Some providers even drive this to the extreme and advise customer to drop functionality (one size fits all) for the sake of the least cost in market. The question now is not whether the individual cloud service is cheaper but whether you should take that at face value and take your decisions just based on this.

Sounds like outsourcing, doesn’t it?

It surely does to me. I remember when I stepped into the outsourcing business the major line of reasoning has been cost savings on all fronts. Over time customers have learned either through own experience or by watching other projects fail that cost saving, while it has an impact into the overall business case, should not be the only driver towards a decision. There are other bits and pieces of equal importance and it is about expectation management as well as clear contracting on top of these.

Why do I bring outsourcing to a discussion about cloud computing? The reason for that is that cloud computing services do fall into the same category. The services with the label cloud are an additional sourcing option for a CIO and should be evaluated with the same methods. Have a look here for some details on evaluating SaaS proposals: https://clouddiscussions.wordpress.com/2011/09/23/how-to-evaluate-saas-proposals/

Why cost comparisons fail

First of all, the biggest roadblock prior to a deal is the cost base to compare with. Often the internal cost base is unclear. The people creating the cost analysis might be biased in fear of losing their jobs or just for the fact that they believe a substantially higher cost on internal delivery would make them look bad. The cloud provider on the other hand is inclined to paint a best case picture in order to win a deal. But reality will bite back and that best case picture will not come true. And actually I believe nobody is to blame for that as some things are just not clear at the time the contracts are signed. It is though up to the customer to think ahead, evaluate the risks about missing the best case scenario and create some reserve funds (money and time).

The second thing that comes into play are secondary cost saving expectations like easy access to skilled resources in outsourcing or a reduced effort with regards to service provider management.  A cloud provider needs to be managed pretty much in the same way as a hosting or outsourcing vendor. And this stands even in case of online information instead of service manager meetings.  In addition you might want to consider even to plan slightly more for this and go for an extra offering that will make the cloud service look slightly more like an outsourcing. Have a look here for some ideas: https://clouddiscussions.wordpress.com/2011/09/12/where-the-cloud-needs-to-learn-from-classic-outsourcing/

The next area of uncertainty is the migration as well as updates. While you can get a good grip on potential migration cost you need to make an effort to do so. Thorough testing and detailed planning is needed before you can really get a good estimate on the costs. And do not forget to include the cost for these tests into the business case. Updates are a little harder to plan for. While the cloud service provider will tell you that they take care of all the updates and that it will be without extra cost for you this is only half the truth. Surely updates will be cheaper per se but you cannot determine the timing any more. The update takes place when the provider says so. The deeper your integration is, you might be forced to upgrade your internal environment as well, You might not have done that in an on premise environment. Examples are updates needed to your directory services as it is federated with the cloud or certain versions needed to use the service outside of the web interface. So you might face the need to update client software as an example.

Another factor to weigh in is the network element. With a cloud solution even traffic that was formerly internal only now is routed over your internet connection. Does this connection in speed, bandwidth and availability stack up to your expectations and the cloud service? Remember in SLA chains it is the weakest link that counts.  So what are the additional costs for the network you need to calculate?

What are the reasons for going into the cloud then?

What is the difference between a good date and a bad one? It is your expectations. Rushing to the cloud for cost reasons only is a little bit like going out in expectation of a hot date and your imagination just setting the completely wrong expectations.

There are many good reasons to move to the cloud from added flexibility to simplicity and not forget cost. Rather for the best cost you should look for the service that fits the requirements best and be quite detailed on your cost expectations. Actually even though I have painted a rather black picture I do believe that cloud computing delivers cost savings. But you need to use it in an area that makes sense. Imagine you decide to go for cloud services, do a migration and rather than have a happy bunch of users and watch the savings stack up you need to revert back. That would involve additional cost for another migration and rather than savings you have created additional cost. Search for LA police department and their failed attempt to move to the cloud!

Bottom line is that it is really about a clear management of expectations from the beginning on the customer side and a need to plan for a little bit worse that the best picture scenario on the provider side.

SaaS usage scenario: contract negotiations and RFP processes

Do you know what one of the biggest concerns is when you consider outsourcing your own IT department? It is the question where to store the documents outside the reach of the IT people you want to outsource. You might argue that accessing data unauthorized is against the law and the contract but let’s face it, people in fear of their job would not be stopped.

Another scenario but also very risky is data security during contract negotiations, let’s assume for an M&A project. You do spend a lot of time to secure your internal data integrity. But the moment you communicate with the outside world all your security is gone. You send contract drafts to lawyers and the other party. You have lost complete control whether the data is being sent to a private consumer email address from there on. Heck the recipient could even be on a consumer email system without you knowing and there goes your high level of security.

In the old days of outsourcing (not only IT outsourcing) whenever there was a transfer of assets but especially a transfer of employees (TUPE, §613a, etc.) there was tight control over the data. To assess the data of the assets or the employees you had to enter a room where there were printouts of the data and where not allowed to take any information away. Nowadays with digital information this has changed. Information is being sent around, copied, worked on, etc.

Imagine you are in charge of an RFP process. You have several bidders that need information. You get questions from these bidders. You have to organize meetings. You have to provide a method of receiving information from the bidders. Even if you have organized yourself let’s say with the help of Microsoft SharePoint internally (which is a huge step already) you still struggle with the external parties. Sending out documents or receiving these per email may just fail due to document sizes. You are not sure whether your email is received and read. You are forced to communicate through “old means”.

Does any of the problem statements above sound familiar to you? You might want to consider a SaaS solution to break out of the misery. Let me explain how.

Think of a place in heaven  in the cloud where you have a safe document repository, a way to communicate (email, message board, IM) and full control which individual has access to what content. You would not have to wait for your internal IT to argue, purchase HW and license, set it up and make an internal system to you which then would not be available from the outside. Your investment is limited as you purchase the place in the cloud for a limited time only and you would pay per user.

This is what cloud collaboration solutions like Office 365 from Microsoft or Google Apps, to name the two biggest, can deliver. You’ll get an enclosed environment where you can give access to internal team members as well as external support staff and even bidders. You can create separations so that shared content is available to all but also have drawers of information only available to a limited group. The integration of email and instant messaging gives you save means of communication without involving your own IT department or information leaving the controlled environment. You avoid that anybody misses important information by having this one stop shop and through the built-in integration of mobile platforms even reach people on the road.

Not only do you limit the direct operational cost compared to setting this up through your own IT department if they would be able to do so at all. You also increase the productivity of the teams involved internally and externally. This usually results in better and faster negotiations but surly in less miscommunications. On top of that you are reducing the risk. Which risk you ask? Actually you reduce several risk types.

  • The risk of exposure of confidential information towards media
  • The risk of exposure of confidential information to internal audiences
  • The risk of data getting lost or being hacked on accounts (e.g. consumer mail) outside of your control
  • The risk of missing to notice important information which might result in delayed timelines as well as economical disadvantages.
  • The risk of not giving all bidding parties identical information and therefore one or more parties an unfair advantage which might result in legal action against you.

You might wonder why this status quo today in negotiations is not getting data privacy officers on the barricades, why legal departments do not intervene or why the CIO has not addressed these business risk through IT yet. Let me ask slightly provokingly, is it due to:

  • Lack of alternatives
  • Lack of risk awareness
  • Involved individuals being from a generation rather wanting to stick to “that’s how we have always done it!”
  • A wrong perception about the cost involved

It cannot be one thing for sure. It is not the external parties not playing along. In my experience there are already so many terms around the whole process of bidding and negotiations enforced that the usage of a cloud communication platform would rather be welcomed then damned. Actually I do believe there is an additional reason. Nobody ever thought about using the cloud in this way!

The whole cloud discussion gravitates around technology. The appliance of cloud services to solve real life business challenges is an approach and skill set barely used. If we want the cloud to succeed as a success this is what is needed. I do have a row of simple but eye-opening scenarios for SaaS and I continuously think about ways how cloud could support real life challenges. Join me in that quest. If you have ideas or want to learn about mine reach out.

2011 in review

The WordPress.com stats helper monkeys prepared a 2011 annual report for this blog.

Here’s an excerpt:

A New York City subway train holds 1,200 people. This blog was viewed about 6,500 times in 2011. If it were a NYC subway train, it would take about 5 trips to carry that many people.

Click here to see the complete report.

Christmas Special: Urban legends, from the kidney heist to the data hand over at gunpoint

Have you ever heard the story of a tourist waking up in a bath hub full of ice missing a kidney? It is a story well told and distributed virally in the western hemisphere. It is not true but everybody who hears it for the first time feels the chill?

While it has been proven to be wrong (have a look here as an example: http://urbanlegends.about.com/od/horrors/a/kidney_thieves.htm) is keeps going. There are three elements that make it so difficult to stop it from resurfacing every now and then.

  • The story has a true core or at least is plausible.
  • It is addresses a bad feeling, a fear or a concern already existing in the listener, sometimes consciously sometimes not.
  • It usually has an element of bad and good or of guilty and innocent.

Let me tell you an urban legend from the world of cloud computing and data privacy.

UK hosting company forced to hand over data at gunpoint:

It has been reported that lately the Patriot Act has shown its true face. Hosting UK ltd. (fictional name) a company that hosts web servers and databases for their customer mainly in the UK also has an office in the U.S.A. where administrators cover off hours support issues. As it happened one of these customers (from Europe) came under suspicion by one US governmental agency. It has not been disclosed so far whether this was a terrorist threat or a corruption investigation.

Rather than addressing this customer of the UK hosting company directly the authorities walked up the US office of the hosting company itself one evening and forced entry. Making use of the fact that Europe was sound asleep and no one was available, they approached an administrator and requested to pull data from the servers in the UK. When the administrator refused to do so for two reasons, 1st he had no right to do so under company rules as well as UK law and secondly because he did not have access to the systems, the agents from the US agency reacted straight forward.

Rather than presenting any legal material, which would have had no effect anyhow as the administrator was no lawyer able to understand it, they pulled their guns and forced the US citizen to gain access through all means. They threatened him that as a US citizen they would be able to detain him and his family for obstructing legal action and forced him into action. He had to ignore rules and laws and pull the data. He was then told to obscure what has happened and threatened even further if he reported on the events of the night.

Have you ever heard this story or a similar one?

I have been told it many times. It often is told to be an absolute fact and used to frighten European customers. It does have an effect on customers and adds to the uncertainty already in the market about the Patriot Act and the fear on data privacy. So let’s check how it fits the three points mentioned in the beginning.

  • The story has a true core or at least is plausible

It has a true core in a sense that there are rules under the Patriot Act that would force hosting companies to hand over data without notifying the end customer. The so called sealed subpoenas are enforced by courts under special circumstances (see below for more).

  • It is addresses a bad feeling, a fear or a concern already existing in the listener, sometimes consciously sometimes not.

There is a fear already instilled in the people about the Patriot Act. It is a fear about data hungry Americans and FBI, NSA, CIA and all other three letter agencies having free access to data. The fear is also that this is not only to answer the terrorist threat and corruption cases. There is fear that the Americans would use their data access to steal patents to give their companies an economical and unfair advantage.

  • It usually has an element of bad and good or of guilty and innocent.

This one is easy, the bad guys are the Americans, their weapon is the patriot act and the three letter agencies’ Ethan Hunts are the enforcers.

So much for the legend, I predict that this one will be a long lasting one. It will resurface at least amongst certain audiences again and again even if it will not be as tenacious as the kidney heist story.  To get a little bit beyond the story and dig into the topic we need to have a look at the Patriot Act and its consequences. These are the only parts we could really get an understanding on. Any James Bond, Ethan Hunt, or whatever agent you favor actions I cannot analyze or judge. These things are outside of our visible world. But if you are afraid on that level you probably do not have any computers anymore anyhow and only do business locally.

The Patriot Act it is we look at. One of the statements that created quite some publicity was a statement by Microsoft during the Office 365 launch in the UK. It was a basic statement that said that there are circumstances under which Microsoft could be forced to hand over customer data even if stored in European data centers. The press picked this up happily and it sounded in many reports as if Microsoft had opened up the gates to customer data while others did not do this, quite an unlucky situation for Microsoft in a sense of unjustified bad press. The Patriot Act is the same for all companies and individuals. It has not been created for cloud computing only and therefore it needs to be viewed in a different light.

More on the Patriot Act beyond this specific view of today’s special can be found in this earlier post:

https://clouddiscussions.wordpress.com/2011/08/12/weekend-special-privacy-the-patriot-act-and-contracting-explained/

Who falls under the Patriot Act? (Not to be meant to be a comprehensive list)

  • American companies and their subsidiaries
  • Non-American companies with a substantial subsidiary in the USA
  • Non-American companies dealing with the USA or companies in the USA

Where company means all companies of any kind and not just IT cloud service providers

What would happen if a company would not follow the ruling of a court to hand over data?

What is the leverage a court would have? It is a debate that started controversial when I first discussed this with different legal experts. But there is one view that was distilled in the end and if you believe it or not, the majority agrees with it.

Whether an end customer is requested to hand over data, the US subsidiary of an end customer, a US hosting/outsourcing/cloud company or even a foreign company’s US subsidiary, the final resolve is all the same. If denied the data the US authorities would put the CEO/ manager of the US subsidiary into detention to enforce the handover of data. As far as I have understood the rules would allow a detention of up to 6 months.

Can you imagine Steve Ballmer going into jail for 6 months, or Larry Page? That is the reasons why the companies clearly state that bottom line if it comes to that they would hand over data. So how would a German company like Deutsche Telekom and their IT division T-Systems act? They claim as a German company with German data centers the Patriot Act does not apply. But T-Systems and Deutsche Telekom do have significant business in the U.S.A. Would it be different for them? My understanding is that they need to follow the same rules but they might see this different.  As always law is not black and white but shades of gray. My advice, not only for T-Systems, is to discuss this with the potential provider. And remember these rules do not only apply to cloud computing but also to all other kinds of business, e.g. Outsourcing, BPO, etc. Also important to understand is that these rules also apply to your customers themselves as soon as they do business in the U.S.A. or have a significant subsidiary there.

I have been in contact over the years with one customer that decided against the cloud. Amongst other reasons one of the dominant ones was that they had decided to rather send their American management into detention and compensate the individuals for that than handing over data. That was a policy we were not able to comply with.

So do not be misguided by an urban legend and dig to through to your own interpretation. Get legal support and create your own view on it.

Here are some Christmas urban legends: http://socyberty.com/holidays/christmas-urban-legends/

I do wish all readers and their families a merry Christmas and a happy new year. Enjoy the time off with families and friends.