Adapt to Changing Regulations with Data Independence and Mobility

“The era of open borders for data is ending,” declared The New York Times in May 2022.¹ Meeting security, privacy, and compliance (https://bit.ly/42lK275) regulations and protecting data access and integrity (https://bit.ly/42DwOlA) aren’t the end of the data sovereignty journey. Future-proof your cloud infrastructure with data independence and mobility so that data can be shared and migrated as needed to respond to changes in technology or geopolitics. More than 150 countries now have regulations to control how data travels across national borders, meaning that meeting data residency requirements alone is no longer sufficient. Diplomats and the World Trade Organization (WTO) have been trying to negotiate cross-border data flows to protect trade and the global economy but the landscape continues to change.²

These restrictions have forced some companies to change their business practices and could potentially limit where they can operate. In France and Austria, organizations were told to stop using Google Analytics as it could expose the personal data of EU citizens to American “spying.” ³ Meta announced they might need to shut down European services if data transfer issues between countries aren’t resolved.⁴ And recently there has been concern about Tiktok’s data independence being a Chinese business but subject to US-based servers and US privacy laws. Overall multiple major U.S. tech companies have said they may not be able to offer the same products worldwide due to restrictions.

Limiting the flow of data can have concrete financial impacts. The Information Technology & Innovation Foundation found that a 1-point increase in a nation’s data restrictiveness cuts its gross trade output by 7% and reduces productivity and 2.9%.⁵ On the other hand, the U.S. International Trade Commission found that removing foreign barriers to digital trade would likely result in an estimated $16B-$41B increase in the U.S. GDP.⁶

Because these regulations continue to change rapidly and have such vast impacts on businesses and economies, organizations must future-proof with flexible data infrastructure. They must also partner with experts to ensure they’re complying with restrictions on cross-border movement of data. Sovereign cloud provides a modern architecture to make changes as needed for compliance quickly, backed by local experts to provide guidance.

Sovereign clouds are ideally part of a multi-cloud infrastructure that also includes public clouds for storage of non-sensitive data. Not only does this provide an efficient solution for organizations in terms of scale and cost, but it also allows sharing of data as needed, such as using public cloud data sets in sensitive data analysis or sending anonymized sensitive data to the public cloud or another entity. Thus a sovereign cloud provider must be able to support multi-cloud and hybrid cloud environments with complete interoperability.

Data independence is also needed for a successful sovereign cloud implementation. It lets you keep data separated from the applications that use it, meaning that any changes in the data structure won’t impact the application, improving performance, security, and flexibility.

Data mobility is another key consideration when looking for a flexible sovereign cloud provider. This allows you to avoid vendor lock-in by being able to migrate workloads as needed. Without mobility, your application or service may end up stuck with a provider that doesn’t have the latest features or worse – service stoppage, downtime, etc. Support for containerization of applications also makes migration simpler. Data mobility is also a right of individuals under regulations such as GDPR. Under the regulation, individuals can export, receive, or expunge data held about them. Therefore, your data must be stored in a structured, standard, and machine-readable format to enable this mobility.⁷

While data privacy and sovereignty can be tricky, a sovereign cloud can help you comply with regulations without adding IT burden. Engaging with a trusted sovereign cloud provider with expertise in privacy, data security, and data mobility can help guide you toward a robust data protection plan. In addition, sovereign cloud can help you:

• Control your data and prevent access by foreign authorities
• Boost security with advanced security controls
• Improve compliance with local providers and experts
• Fuel innovation through analysis of sensitive data
• Future-proof your infrastructure with the agility to respond to change quickly
• Increase mobility with portability and interoperability to deploy anywhere

To learn more about sovereign cloud from VMware or to connect with a provider in your region:

• Check out the Sovereign Cloud web page
• Watch the Sovereign Cloud Overview video  
• Download the VMware Sovereign Cloud Mobility and Independence – 1 pager
• Find and connect with a Sovereign Cloud Provider in your region
• Join the conversation on Sovereign Cloud on LinkedIn

Sources:

1. New York Times, The Era of Borderless Data Is Ending, May 2022
2. Hinrich Foundation, Data is disruptive: How data sovereignty is challenging data governance, August 2021
3. New York Times, The Era of Borderless Data Is Ending, May 2022
4. New York Times, U.S. and European leaders reach deal on trans-Atlantic data privacy, March 2022
5. ITIF, How Barriers to Cross-Border Data Flows are Spreading Globally, What They Cost, and How to Address Them, July 2021
6. U.S. Department of Commerce, Measuring the Value of Cross-Border Data Flows, September 2016
7. Deloitte, GDPR Top Ten #1: Data Portability, accessed July 2022