Today I received a press release of SAP talking about a new study of Roland Berger (a large consulting firm) and SAP with the title "Cloud Computing brings new growth opportunities to - Europe's IT and communications industry". It ends with a program consisting of five points, the proposal of Roland Berger and SAP. The points are
- Define a European legal framework for data protection and data security
- Define a "European Cloud Gold Standard" as sort of certificate for cloud providers
- Spend EU money for research and development around innovations in the cloud
- Support Cloud Computing for medium-sized businesses (based on the already existing programs)
- Public services and governments should procure cloud services, showing their trust into the cloud offerings (and thus drive others to procure such services as well)
But, to be honest: All this is self-evident or already existing. And some aspects are questionnable. Yes, there are growth potentials in the cloud. For all IT providers in all regions worldwide. We all know that for years. There is an existing European legal framework for data protection, at least to some extent. There is room for improvement, but it isn't missing (and the report claims that EU standards for data protection are missing, which is just wrong). A worldwide accepted standard for cloud services is required - good and strong certifications. But the question isn't about that we need it but about how this could look like and how this could be granular enough for quick and efficient procurement processes. Innovation: Great thing. The EU is investing in that for years. And yes, it helps, but innovation comes from a lot of different sources.
When looking at the last two points, the medium-sized businesses and the government procuring cloud services, this shows a fundamental misunderstanding: Cloud Computing is just another deployment model. The reason to move to a cloud service is that this might be the most appropriate way to procure a service (instead of on-premise production). But there is no reason for the government to move to the cloud as long as these services aren't better than on-premise services - better in a complex sense, taking all factors like functionality, price, risk ratings, security, availability, and so on into account. The same is true for medium-sized businesses.
At the end of the day it is about providing services to the customer which are good enough. Certifications, standards, and legal frameworks will help. But the main point still is about providing the better service, not about complaining about the limiting factors. By the way: It would also have been worth to mention that the EC Privacy Directive will undergo significant changes next year, beyond what it provides today around data protection.