2020-02-16

German data for German firms, according to ... Microsoft?

In the US, we think of our struggle over data ownership as a conflict between large, unaccountable companies (like Facebook) versus us as individuals. But it is more complex than that as soon as you look beyond the US.

Take the Germany federal government, for example. How does your sovereignty as a nation look to you, if data is the new oil in the 21st century, but most of that data ends up on clouds operated by American (or Chinese) companies? Critical infrastructure entirely dependent on the goodwill of one (or two) other countries? Who can see anything you do there? Or turn it off in case of a conflict? Sounds like a disaster waiting to happen.

So what do you do? You might team up with fellow nations, like other EU members, and pass regulations such as the GDPR which erodes the exclusivity US companies have over data. Or spearhead a project called Gaia-X, which is intended to be a European alternative to American (and Chinese) “clouds” with the stated goal of regaining data sovereignty.

And into this fight steps Brad Smith, now Microsoft president, who is being quoted (in German) in the press saying:

German data should serve German companies – not just a handful of companies on the US west coast or the Chinese east coast.

(I will ignore here that this comes across as quite racist, and in case of Germany, one should not make that mistake, even if it comes from an American.)

Clearly, Microsoft has identified an opportunity to make a bundle here, by selling to countries like Germany attempting to set up their own clouds, and we know this because the quote comes from very top of the company, not some regional sales manager.

But the striking part of the quote: “should server German companies” (not “people”, or “Germany, the country”) tells us clearly what the German government has in mind here, to whom it is directed: use data to bolster German companies in international competition.

While we all benefit from new rules such as the GDPR, and their enforcement in Europe as in the recent case of the Irish against Facebook, it’s clear we, individuals, are merely an accidental beneficiary.

It’s really about big company competition, supported by national governments. Let’s not forget that. If they were to accommodate each other somehow, I bet the push for privacy and GDPR-like things would evaporate in a heartbeat.