Cloud software vendors have for some time been diligently building out their global datacenter footprints both for reliability and scale, as well as to meet customers' data privacy concerns, but Microsoft has now addressed the latter issue with a new twist. It will deliver its cloud services, including Azure, Office 365 and Dynamics CRM, out of two new German datacenter locations through a special partnership with Deutsche Telekom. Here are the key details from Microsoft's announcement:
These new datacenters will adhere to the same security, service and quality standards as all Microsoft datacenters. The services offered will abide by the Microsoft trusted cloud principles of security, privacy, control, compliance and transparency, as well as consistency with Microsoft’s global cloud services.
These new cloud services will be a first of their kind innovation from a global hyper-scale cloud provider, in that access to customer data stored in these new datacenters will be under the control of T-Systems, a subsidiary of Deutsche Telekom, an independent German company acting as a data trustee. Microsoft will not be able to access this data without the permission of customers or the data trustee, and if permission is granted by the data trustee, will only do so under its supervision.
“Microsoft is pioneering a new, unique, solution for customers in Germany and Europe. Now, customers who want local control of their data combined with Microsoft’s cloud services have a new option, and I anticipate it will be rapidly adopted," says Timotheus Höttges, Chief Executive Officer, Deutsche Telekom AG.
The new German datacenters will use a private network to ensure data resides within the country's borders. The rollout is planned for the second half of next year and services will be available to customers in Germany, the EU and the EFTA, Microsoft says.
Microsoft's plans come just over a month after the EU's highest court struck down the 15-year-old data-transfer agreement known as Safe Harbour, which enabled EU companies to transfer employee data to servers in the U.S. The court found that employee data wasn't protected enough from the potential prying eyes of U.S. intelligence agencies while residing in the country, as the Wall Street Journal reported.
POV: Microsoft's announcement is sensible, says Constellation Research VP and principal analyst Steve Wilson. [Go here to download Wilson's in-depth report, "Why Cloud Geography Matters in a Post-Snowden/NSA Era. Subscription required.]
"With all the breaches and all the public angst about privacy, European privacy measures have a whole lot going for them," Wilson says. "Until recently, American business tended to reflexively and angrily reject EU data protection rules as anti-innovation. But these rules make sense. The public would welcome broad-based privacy laws."
"Privacy doesn't harm innovation," Wilson adds. "It simply dictates that you should only collect the personal data you need to get a well-defined job done. Let people know what you're doing with their data. Don't re-purpose personal information without permission. In my opinion, real innovation would be new business models that treat people fairly and involve them in the data-for-goods and services bargain."
Meanwhile, cloud deployments in continental Europe are important, because they address both data sovereignty and performance concerns," notes Constellation Research VP and principal anlayst Holger Mueller. "Networking only works at the speed of light, and moving data center closer to consumers will only improve performance."
As for Microsoft's arrangement with Deutsche Telekom, Mueller isn't convinced it's truly novel. He points to Amazon Web Services' key management system, which gives customers the ability to create and control the keys that encrypt their information. "If you don't want anyone to spy on you, customer keys are the right path," he says. "If you bring your own keys, anyone will have to come to you to look at your data."