How Does the “Brexit” Affect My Cloud?

At the time of writing, it has been a little more than a week since the people of the United Kingdom decided to leave the European Union — a decision that has been dubbed the “Brexit”.

Pundits and politicians have been vociferous about the potential impacts to the British economy and political systems. So, being a pundit on the topic of cloud and cloud security, I thought I would take a few minutes to share some thoughts on the implications of the Brexit on the world of cloud.

Data Sovereignty and GDPR: My colleague (who also happens to be a British citizen) Simon Leech penned a very decent article about his views on how the Brexit could impact data sovereignty and privacy regulations. You can find it here. It is very much worth the read, and I am going to try to not duplicate his points here.

The only point that I would add is that the same back and forth on a data privacy agreement between the UK and the EU is going to have to be settled. The UK already has regulations in place that adhere to the EU’s privacy laws, so this may not be as difficult as the process that the United States and the EU are going through.

Cloud Expansion: Until the full ramifications of the Brexit are sorted out (measured in years, not days), big cloud providers are likely to put their cloud data centers slated for the UK on hold. Most of the larger providers already have a footprint in the UK, but many were looking to expand. Until the Brexit is finalized, and how the EU privacy regulations are sorted out, those plans will be on hold.

Two Years (and Counting): For the Brexit to be completed, there is a very specific process that must occur (and bear with me — I am learning this stuff the same time that you are, as we are in uncharted territory here). It turns out that the amount of time it takes to break with the EU depends on when the UK government informs them that they want to leave. The UK must formally notify the EU by using Article 50 of the Lisbon Treaty — a process that has never been used before. From that point, it starts a two year process for the UK to leave. All well and good from a political perspective. But 2 whole years in cloud time — you are looking at a decade or more in cloud innovation years. And those are years that may leave the UK completely out of the picture. For the same reasons that the various tech companies are holding while awaiting the Privacy Shield negotiations, they are unlikely to invest cloud resources in the UK. Which isn’t to say that they are going to stop innovating for 2 years — just that the innovation and expansion will occur elsewhere.

The best (and only) advice I can give to businesses affected by the Brexit is the same that I give in regards to the Privacy Shield holdup: be as prepared as possible to implement whatever arrangements the UK negotiates, not only with the EU but the rest of the world. Use the regulations that they adhere to today as a model of the types of regulations that they will likely pass and require in the future.

The UK is the special business and political partner of the United States, and their exit from the EU does not mean that the world is not coming to an end — politicians and protests withstanding. But there will be interesting times in the world of tech coming to my UK friends, and not all of them will be good.

Here is another link I found interesting — the BBC and their FAQ about the Brexit. I checked this out while writing this, and thought I would share. Pretty decent summary of concerns — obviously not cloud focused.