The FISMA Focus IPD

Though it was a political decision by the US and EU to cut data protection from the ambit of the TTIP negotiations, it came against a backdrop of accelerating competition between EU and US data sector companies.

Significantly, it also came shortly before the Prism scandal (see background) began to seep revelations of data espionage, which have since soured EU-US relations.

“Data protection is a fundamental right. It is different in nature to the tariff of a good or to the schedule of a service. That’s why a discussion on standards of data protection should be kept separate from the give and take of a trade negotiation,” Justice Commissioner Viviane Reding said this month (17 September).

As a result Reding said she was “grateful” that Trade Commissioner Karel de Gucht agreed that data protection came outside of the scope of the TTIP.

Data is the new ‘oil’

But clarity about international data protection standards is seen as critical for strategic commercial decisions in the booming market.

Reding said in the same speech: “Data is the new currency: the value of EU citizens’ data was €315 billion in 2011. It has the potential to grow to nearly €1 trillion annually in 2020.”

According to John Boswell, a senior vice president with business analytics and software company SAS, data is the new ‘oil’ and data analytics are essential to business, job growth, innovation, prosperity and will lead to the creation of millions of jobs in the future.

“Core to this objective, are data-friendly policies that encourage the use, free-flow and analysis of data, facilitate the location of companies in Europe that focus on data-driven innovation and build the necessary framework of trust for European citizens who will ultimately benefit from the deluge of data and its analysis,” he says.

Nerves over impact of Prism on EU-US relationship

Fallout from the Prism scandal has shown how difficult the TTIP negotiations would have been had data protection been kept on the agenda.

In early July, the European Parliament voted to support the Commission to end Swift and other data-sharing programs with US authorities, if the EU executive chose to do so.

The outgoing US ambassador to the EU, William Kennard, promised on 8 July a “healthy debate” between the two partners, and cautioned against allowing the scandal to rock TTIP.

“We have such a deep and broad relationship that it would be unfortunate if we allowed one issue, as serious as it is, to paralyse us across a whole range of other issues we’re working on,” Kennard told EurActiv in an interview.

Later that month Reding announced that the Commission would conduct a “solid assessment” of the data protection Safe Harbour programme with the United States, refusing to rule out the possibility that the programme could be suspended.

Data protection regulation could hit US concerns

Reding may have another motive for keeping data away from the TTIP. The commissioner wishes to ensure the swift passage into law of controversial new data protection rules, which are currently being debated by member states and the European Parliament with the aim of agreeing legislation before spring next year.

Observers warn that a failure to agree the new rules by then could cause long delays to their implementation, as they face the prospect of having to be re-opened by newly elected MEPs following the Parliament elections in May next year.

Various clauses within the proposed regulation would impact on the larger US companies offering so-called “over-the-top” data services, such as Google and Amazon, and more significantly the burgeoning cloud computing sector.

US-based cloud service providers – including Google, Amazon and Microsoft – currently account for around 85% of global markets.

In June and July 2013, the Cloud Security Alliance, an industry group, surveyed members and other cloud computing stakeholders for their reactions to the US Prism spying scandal.

One in 10 non-US residents who responded indicated that they had cancelled a project with a US-based cloud computing provider in the wake of Prism and 56% said that they would be less likely to use a US-based cloud computing service.

The Alliance predicted that US cloud computing providers might lose as much as €26 billion by 2016, equivalent to the loss of 20% of its share of cloud services in foreign markets.

Europeans now hope to use the Prism scandal to win a share of this market.

“If European cloud customers cannot trust the United States government, then maybe they won’t trust US cloud providers either,” said Neelie Kroes, the EU’s commissioner for the digital agenda.

“If I am right, there are multibillion-euro consequences for American companies. If I were an American cloud provider, I would be quite frustrated with my government right now,” Kroes said in July.

Europe looks to seize advantage on cloud

At the same time, Kroes announced that the Commission would redouble its efforts to promote EU-based cloud services this autumn, a move timed to coincide with the perceived lack of trust in the US competition.

The data protection regulation and new cloud proposals will be mulled over by EU heads of state when they gather in Brussels for a summit in October.

Although data sector will not overtly be discussed in the context of TTIP, US businesses are expected to watch the debate closely for a flare up of indignation at the Prism scandal and EU attempts to capitalise on the cloud computing market.

One source close to the US industry – who spoke on condition of anonymity – said: “At the moment it is looking like a trade dispute over the data sector is as likely to emerge between the US and EU before any trade agreement emerges.”

Data, seen as pivotal to future trade, may be off the official agenda for now, but it remains the elephant in the room.