Join executives from July 26-28 for Transform’s AI & Edge Week. Hear from top leaders discuss topics surrounding AL/ML technology, conversational AI, IVA, NLP, Edge, and more. Reserve your free pass now!
Data sovereignty — the principle that individual countries can regulate the storage of data within their borders — has taken off as a significant political cause. The European Union, United States, India and numerous other jurisdictions are working toward [subscription required] comprehensive legal frameworks that strictly govern how data is collected, stored and distributed across borders.
Much of this debate has been viewed through a political and philosophical lens, framed as a battle of individual privacy versus technological innovation, or a power struggle between big tech and national governments.
While these are the major elements of the debate around data sovereignty, they conceal another part of the debate that we don’t see discussed much: the economic trade-offs that come from these laws. Underneath the high-minded proclamations about protecting the privacy of citizens’ data lie some hard-nosed nationalistic economic considerations. Policymakers and industry players need to understand the true costs and benefits of data sovereignty laws, both political and economic.
The pros: More jobs and investment
In their implementation, data sovereignty laws will require users to explicitly consent to their data being transferred to a different jurisdiction. For large organizations and enterprises, this means that it could be illegal to move their customer data outside of the country in which it’s collected. Thus, data sovereignty laws may compel organizations to store data locally even though it may cost more to do so. Storing many pockets of data in different countries may not only be more expensive, but it could significantly complicate data analysis and normal business processes.
Essentially, organizations need to invest in local data storage rather than taking advantage of less expensive storage that may be available outside their borders. For example, a company in India may not be permitted to store its data in England, and a company in Brazil cannot store certain data in the U.S. For storage vendors, and cloud storage vendors in particular, data sovereignty means having to build physical facilities in each country in which it wants to market its services.
While one might debate the benefits of protecting the privacy of citizens’ data by prohibiting its storage in foreign lands, there is no debate about the economic benefits of forcing vendors to build local data centers in order to comply with data sovereignty laws. These laws promote an influx of capital investment, local job creation and greater demand for local suppliers of goods and services.
In effect, data sovereignty laws have the effect of pushing up demand for data centers within national markets. Whereas an organization in London might previously have been able to store data in low-cost locations like Amsterdam, now it needs to procure compute and storage space in a local data center.
While this requirement for local data storage means greater demand for materials, parts and workers to build and install data centers, and permanent jobs for people to operate these data centers, running a data center in London is arguably more expensive than operating a data center in Amsterdam. The added costs can be a drag on profits and ultimately have to be passed along to consumers.
Nevertheless, on the face of it, data sovereignty may seem to be a very positive story — countries are creating more jobs and growing their tax base while also bootstrapping their own tech ecosystems and encouraging further growth and innovation.
The cons: Higher costs for customers
Unit economics favor larger scale: i.e., it’s cheaper to run one big data center than it is to run a dozen small ones. And the cost of running a data center in one country may be very different from the cost of running one in a nearby country. The migration of data storage to the cloud has pushed down the cost of storage and computing precisely because companies have been able to centralize storage and processing power into efficient, low-cost locations and benefit from economies of scale in maintenance, staffing costs and procurement.
For example, the cost of electricity in Germany is roughly €24 euros per kWh, whereas next door in the Netherlands the cost is only half as much. By forcing German organizations to store their data inside Germany, customers may end up paying more and realizing no significant benefits in terms of security or performance, given that data protection laws in the Netherlands are equivalent to those in Germany.
Instead of a few large data centers globally, operators are now forced to build many smaller data centers. So consumers of data storage end up paying more, offsetting at least some of the economic benefits of capital influx and job creation.
There’s also a notable environmental angle to data sovereignty laws. The best place to put a data center is somewhere cold and with access to cheap energy, such as Iceland or Scandinavia. If you can cool a data center by simply bringing in cold fresh air from outside rather than having to run massive air conditioning plants in a hot climate, data centers can have a much lower impact on the environment. And considering the copious amounts of energy used by data centers, the environmental impact of data sovereignty laws is likely going to be considered a more serious issue in the coming years.
Evaluating data sovereignty
It’s a fundamental duty for organizations, and those that provide them with cloud services, to ensure that the data of end users is handled properly and safely. If a jurisdiction’s data sovereignty laws are the standard expected by customers for proper and safe handling, then that’s something customers should be able to expect without hesitation. This isn’t just good ethics, but also good business sense — ultimately, organizations need to comply with these laws because they represent the law and requirements for doing business in their areas.
But when it comes to evaluating the consequences of many different national data sovereignty laws with varying degrees of rigor, we have to remember that these laws do have knock-on effects. While much of the debate around data sovereignty is framed in terms of principles and theory, we need to keep in mind that these laws can and do have a substantial impact on people’s livelihoods, and it’s crucial for responsible policymakers to keep this in mind when debating and deciding on these laws.
As the CEO of a cloud storage provider, I’d like to provide our customers with cloud storage in the most economical way possible. Data sovereignty laws complicate our mission by mandating that we build many small data centers instead of a few large data centers. But I can also see why someone who wants to create jobs and grow their country’s tech ecosystem may consider data sovereignty to be a boon.
Ultimately, it’s the job of policymakers to weigh up these competing interests and decide what course of action is best in principle and in the common interest.
David Friend is the cofounder and CEO of Wasabi.