Cloud set to revolutionise public procurement - EU

“Cloud buyers, including the public sector, will buy more with less and become more efficient.”

 

That was the not entirely original, but still bold, ambition laid out by Neelie Kroes, vice-president of the European Commission, in a speech to the World Economic Forum in Davos last week.

 

“We have already made a start on the regulatory side - the Commission has proposed new rules for data protection in the twenty-first century, including for data in the Cloud,” she also told delegates at the high-profile economic summit.

 

“But we can do more. Look at the public sector: public IT procurement is large, about twenty percent of the market, but today it is fragmented with limited impact. We can harness this buying power through more harmonisation and integration. And, yes, ultimately also through joint public procurement across borders.”

 

She added: “Why is this important? Because the Cloud sector will listen and adapt, creating benefits for Cloud adoption throughout our economy.”

 

At Davos, Kroes confirmed that the European Commission is to establish the European Cloud Partnership, which aims to bring together public sector organisations and the IT industry to work on commons requirements for Cloud procurement and back it up with an initial €10m investment.

 

The aim is that the first phase the partnership will come up with common requirements for Cloud procurement in areas such as standards and security while phase two will deliver proof of concept solutions for common requirements and the third phase will see implementation.

 

Kroes picked up on her themes again in a subsequent address at an event in Brussels - Fuelling the European Economy – which was hosted by US vendor Microsoft, one of the Cloud services providers that presumably she hopes will be listening and adapting.

 

“Potential users still hesitate,” she suggested. “They worry about the service they will be getting, about risks of lock-in and whether they can trust the provider with their data. [They] want to know the answers to these questions. To obtain the benefits of the Cloud without protracted and expensive legal negotiations. To get clarity on issues like standards, privacy, data portability, legal liability and applicable jurisdiction.”

 

To that end, the EC is on track to release a pan-European Cloud Computing strategy by the middle of this year.  This will, she insisted, make Europe “not just Cloud-friendly – but Cloud-active.”

 

Quite what will be in this strategy, how it will fit with emerging national Cloud strategies – such as the UK’s G-Cloud – and frankly how much importance will be attached to it by the US companies which currently dominate the Cloud market, remains to be seen.

 

As a starting point, Kroes touched on the thorny issue of data protection, a topic that has been developing as a bugbear among some of the more outspoken US service providers who regard existing data transfer restrictions an irksome barrier to free trade in the Cloud.

 

Kroes concedes that the status quo is not acceptable. “It's no use having rules that only make sense on paper, but are unworkable when it comes to new technology and can't be applied in practice,” she admits. “Especially when you consider applications that were not even imagined 15 years ago. Our current data protection rules date from the early 90s, when the net was a niche activity.”

 

The Commission’s response to this is on the face of it a step in the right direction. "Clouds cross borders, and so does the data they hold. So we will make it easier to operate Clouds both within and outside our Single Market,” states Kroes, adding that she wants to see “a single set of rules for Europe, not 27 different ones. Alongside that, under the new rules you will get a one-stop-shop of enforcement. So that, even if an operator is active in several EU countries, it will only have to deal with one data protection authority – the one where its main base is.”

 

So rather than having to have a data centre within every national boundary, a US firm setting up in, for example London, would be able to deal with the UK Information Commissioner but offer services to customers in France or Germany or any other EC signatory country.

 

“Globally operating businesses will benefit from changes to the use of binding corporate rules. They only have to get authorisation from a single authority; and there is more recognition of the variety of structures used in Cloud Computing,” argues Kroes.

 

What this will of course do is open up a new competitive market for national governments within Europe to woo US Cloud services providers to set up their data centres in specific countries. With no need to have a data centre in each nation, providers will be able to pick and choose where to set up shop.

 

Ireland has already benefited from the Silicon Fen boom fuelled by low business tax rates, an educated workforce and healthy inward investment incentives. It’s now openly targeting the US Cloud providers as the next generation of that inward investment and has chalked up some significant victories such as Marketo, Amazon and Workday.

 

On the other hand, NetSuite has invested in Eastern Europe, while Oracle offers on demand services out of Scotland and Salesforce.com still seems on track to set up its European data centre in or around London.

 

With national governments across Europe moving towards a Cloud-centric public sector at a variety of paces, the opportunity is clearly there for all European nation states to tempt the major US providers to set up shop within their borders.

 

If followed through on, this partial dismantling of the data protection barriers could be a great drive of public sector Cloud adoption across Europe. It could also pose a serious challenge to the cause of the UK government trying to get US Cloud firms to set up here. If you don’t need to set up in London to service the UK public sector but can do it from a cheaper locale, then potentially the Cloud market just became the new offshoring market.