With the Investigatory Powers Bill (IP Bill) being ratified into law and imminent General Data Protection Regulation (GDPR), tech companies are now seeking to move their data centres out of the UK's jurisdiction to avoid any data privacy issues.
One such company is Intralinks, a provider of secure enterprise content collaboration technology, which is implementing new measures to enable its customers to deal with data privacy challenges associated with the GDPR. The company has announced the launch of a data centre located in Frankfurt, Germany.
With only 18 months until the GDPR is implemented, it's increasingly important for European businesses to reassure their customers on exactly where their data is located. Many of these organisations are in the process of planning their GDPR compliance strategy to avoid fines such as the four percent the EU plans to impose on any company's data breach.
The Brexit decision has further complicated the matter, with organisations having to consider how best to protect their most sensitive information as it travels around the globe; through countries with varying data privacy laws and standards.
Intralinks claims this move will enable customers to control how information is protected as it leaves the firewall and moves around the world, while meeting growing data privacy demands.
However, given the potentially lengthy process ahead – and often complicated data protection rules – many myths have arisen around the impact GDPR may have.
In an article for SC, Lillian Pang, senior director of legal and data protection officer, for internet company Rackspace raised a number of valid points on data centre jurisdictions. She writes: “A myth that has re-emerged since GDPR was approved is that German data cannot leave its borders. But this is inaccurate – data can leave German territory if the correct process is followed. There are always restrictions on where data can go, how it can be used and who has access to it, but as long as a business is compliant with EU regulations as well as any country-specific legislation, then Germany shouldn't be treated differently to other EU countries. ”
There is also the fear that once the UK leaves the European Union, the GDPR won't matter in the UK, but Pang says that, “Regardless of the outcome of Brexit negotiations, GDPR will apply to businesses that deal with customers within the EU and businesses are advised to review their compliance sooner than later.”
Richard Anstey, EMEA CTO at Intralinks told SCMagazineUK.com, “As the GDPR deadline approaches, customers need to plan their compliance strategy to know where their data is at all times, otherwise the fines are unthinkable. We're offering them more options to deal with this challenge and, while addressing the physical location of content is not a silver bullet, we believe that our new Frankfurt data centre will play a critical role here.”
Another company moving its data centre is, email encryption provider Echoworx, who says it has responded to the UK's impending departure from the single market by setting up shop in Dublin, outside of UK jurisdiction.
The company claims the installation has been fuelled by customers' increasing demand for geographic jurisdictional security and will allow European businesses with UK operations the option to store and protect their data within European privacy law, regardless of the impact of Brexit.
Commenting on the launch, Alex Loo, VP of operations at Echoworx said: “Jurisdictional security is fast becoming a top priority for our European customers. For those businesses with a UK presence, there are very real financial and operational implications of incoming UK-based policy. The Investigatory Powers Bill, currently being debated in parliament, has the potential to cause significant regulatory and compliance headaches. By installing OneWorld on an AWS Cloud in Dublin, we are able to take advantage of Ireland's highly favourable privacy laws and respond to our customers' demands for more secure communications.”
AWS Dublin is the first region to go live under Echoworx's strategy. It will be adding additional geographies as demand increases, with Latin America and Asia currently topping the expansion plans list.
But not all tech firms are rushing out of the UK - while 76 percent of CEOs are considering moving their headquarters or some operations outside Britain in the wake of Brexit, Okta's newly appointed President of Worldwide Operations, Charles Race, says Okta wishes to reaffirm its presence in the UK, opening its new European HQ in Farringdon, London.
A spokesperson for the company said: “For many industry experts Brexit poses a significant threat to London's position as a global tech hub, claiming key elements that have seen the capital emerge as a world-leading tech centre are now under threat, including access to skilled workers across Europe, a great variety of funding options, favourable regulation and access to the single market. Why is Okta reaffirming its presence in the UK post Brexit?”