Following numerous hacking scandals, cyber attacks and the complicity of several tech companies in government snooping, the last six months have seen privacy once again thrust onto the IT agenda. Following large-scale cyber attacks on Asian brands such as Sony and VTech, consumers have become more conscious than ever of their need – and right – for privacy.
Given these widely publicised security breaches, it’s no surprise that cyber attacks have been ranked highest on the list of IT professionals’ biggest security concerns.
While hacking collectives such as APT30 may have left both businesses and customers with little hope for the future of data privacy, they have at the very least forced businesses in the Asia-Pacific region businesses to finally start taking the issue of individual privacy more seriously.
After watching Sony lose almost $35 million as a result of its most recent cyber attack, many businesses are now looking to increase their encryption technologies in an effort to keep their customers (and their bottom lines) secure. Despite these efforts however, enhanced encryption can only get these organisations so far. At the end of the day, data privacy is not just a technological issue – it is also a governmental one.
While businesses in Asia were scrambling to increase their encryption, politicians around the world were simultaneously going “on the offensive” against the use of high-level encryption technologies. This included UK Prime Minister David Cameron calling for an “end to encryption”, as well as encouragement from President Xi Jinping for tech firms to avoid security features that could “harm national security or consumer rights.”
Yet despite the active role that governments are playing in managing and regulating these technologies, one in five IT decision makers have said that they would not support any reduction in encryption technology – even for the benefit of national security.
As IT professionals fight these battles on purely technological grounds, in the background, new regulation (such as China’s new anti-terrorism law) is putting businesses under increasing pressure. This regulation is forcing technology firms to compromise the security of their products in order to comply with vague and often contradictory counter-terrorism demands.
As a result, businesses must not only worry about the possibility of cyber attacks, but also of the increased threat of government surveillance. The question is no longer “how can I secure my data”, but rather “which governments will allow me to secure my data”. The technology isn’t the issue - the government is.
As a result, many large Asian businesses do not trust national governments to keep their customers’ data secure. This lack of trust is opening the way for a new wave of external data encryption companies, with customers flocking to those providers that can offer genuine protection outside of Asia, the US or the EU.
One examples of this was Xiaomi’s decision to take a stand against government intrusion and relocate its international client data outside of China. Following accusations of backdoors in Xiaomi devices back in 2014, the mobile firm is finally setting a precedent for other large Asian businesses to follow. And it seems that they’re not alone. According to Artmotion’s research, 76% of IT professionals would be willing to move their data to another country purely as a result of information privacy concerns.
While the decision by Xiaomi is great news for those of us interested in individual privacy, it is surprising to see that the tech giant has still chosen to relocate its data inside of the EU – despite the region’s own ties to government surveillance. As it stands, nearly one in every five IT decision makers would not be willing to host their data inside the EU due to data privacy and security concerns. Instead, they are migrating their information to independent nations such as Switzerland and Canada, whose governments rarely intervene in individual privacy or the encryption practices surrounding data storage.
By choosing to relocate their data to these regions, IT professionals in Asia are explicitly telling governments and hosting companies that their existing security and encryption practices simply aren’t good enough. Consumers and businesses are voting for individual privacy more than ever before. They are telling governments that encryption and data security are vital parts of an organisation’s core business, technology, and even customer service strategies.
At the end of the day, privacy is a right and businesses should want to provide it. Failing to keep your data secure does more than just compromise your security, it compromises your customers’ trust.
Mateo Meier is the CEO of Artmotion