The war in Ukraine has sparked renewed interest in keeping data within national borders. This creates challenges for those working with companies with mixed allegiances.
Regardless of your political leanings, the war in Ukraine has been a watershed moment as the first modern war on the European continent. It’s also the first conflict where technology became a significant factor, not just on the battlefield but in everything from social media to the financial system.
Along with tanks, small arms and artillery, both sides have deployed YouTube, Telegram and Facebook to spread their side’s views, influence other nations and even demoralize the other side. In addition to the usual government-based sanctions, the commercial banking sector has also been pulled into the fight. Payment networks Visa and Mastercard suspended Russian operations, impacting political figures and the general population.
These moves on the technology front have created a massive shift in what were once primarily global networks and products. Regardless of your feelings about the combatants, it’s not hard to imagine the frustration you’d feel if the cloud provider you’d come to rely on shut down all your services in a matter of days.
The balkanization of the cloud?
This scenario has not been lost on other regions that are not as closely aligned with the United States. As an American, I find it all too easy to fall into the trap of bucketing all the countries around the world into cartoonish “good guys” and “bad guys” buckets, but the geopolitical truth is far more complex. Dozens of advanced economies find themselves with mixed allegiances between the United States, Europe, Russia, China and a variety of other powers, each with their own agendas and concerns.
As tech leaders, it might seem like geopolitics is well outside our scope of responsibility. Still, the actions in Ukraine have spooked many of the countries that straddle a complex relationship between the U.S. and its allies and Russia and its partners. I’ve seen several global clients mandating that all cloud data be stored in-country and an increasing hesitance to rely solely on American tech companies.
Data sovereignty laws that were once readily exempted are now being enforced, creating a significant challenge for tech leaders. Suppose your entire platform is based on Google Cloud, and your company plans to expand to Nigeria. In that case, an otherwise simple localization project might suddenly find you have to migrate and integrate a local cloud provider to comply with data sovereignty laws in a country without a Google Cloud region.
SEE: Hiring Kit: Cloud Engineer (TechRepublic Premium)
Several countries in Africa, Asia, the Middle East and Latin America already have strong data sovereignty laws on the books and have watched with some alarm as Russian businesses, media and citizens have been blocked from these platforms. In response, countries are increasingly developing and mandating the use of local cloud providers with strong government oversight, potentially reducing the “build once, deploy anywhere” benefit of the cloud.
Lean on legal
Based on the renewed interest in data sovereignty in many countries sparked by the war in Ukraine, it’s worth working with your legal colleagues to understand the rules where you currently operate and identify potential risks. Don’t assume that because you’ve been operating in a particular region using a global cloud provider for years that all is well. In most jurisdictions, the only valid route around any data sovereignty laws is a formal letter of exemption from a government agency.
Build time for this due diligence into any geographic expansion programs. If you’re managing the technology for a company with diverse global operations, consider creating an initiative to ensure you’re compliant. This can be a particularly challenging exercise as you may deal with multiple languages, complex bureaucracy, and a “great divide” between data sovereignty’s legal and technical aspects. No one ever said being a modern tech leader was going to be easy.