By Yoni Van der Taelen
Head of Product Management at Klarrio
When asked to write a summer blog for the Belgian Knowledge Centre Data & Society, I started looking into the other articles on the website and noticed that many of them focused on AI. As the organization’s name suggests, I thought I would write something that focuses more on the Data and Society part.
While AI is a promising market trend, one must realize that an AI has to be fed a large amount of data to bring optimal results. So, where does all of that data come from? It comes from a variety of different sources, but one thing that we often see is that the public cloud is used to store and process all of that data. To do that, all of that data is sent to the aforementioned public cloud. If we say public cloud, most people will only think of 3 players, the US hyper scalers; Amazon AWS, Microsoft Azure, and Google Cloud Platform.
There are more players in the market, even in the EU, and they are growing. This article on a recent study indicates that 1 out of 3 IT managers in the EU is considering moving to an EU cloud provider. But why, you ask?
Unfortunately, privacy regulations in the US are often overruled by US laws, such as the patriot act, that circumvent EU privacy regulations. We’ve heard companies repeatedly say that “we’re ok” because we use an EU-based AWS-, Azure- or GCP-datacenter. Unfortunately, this is not the case; US law states that any US company can be subject to hand over data to the US government no matter where it is stored if it could be a matter of National Security. Microsoft even releases biannual trust reports to indicate the number of requests it receives from the government and law enforcement agencies. The number of requests is staggering, especially in the case of consumer data requests.
So that is the data part; what about society?
People are getting more concerned about privacy, as they should. However, there are still many people actively using many services that significantly impact privacy, and it very often isn’t transparent, understandable, and clearly communicated what is being done with that private information. Next time you blatantly accept marketing cookies, perhaps think twice before doing
so. Website creators don’t make it easy for you to opt-out of the advertising and marketing cookies, although companies legally should.
I always liked this quote; ‘If you’re not paying for it; you are the product’ and try to evangelize it as much as possible. It is tangible when you use one of your favorite “free services,” such as email or social media, where you talk to a friend about “product X,” where 10 seconds later, all ads you get served are
about said product. Sounds scary to me.
But, even if we could guarantee data privacy, working with it and using it ethically still requires a lot of technical expertise. And that technical expertise is often outsourced to countries with lower labor costs. The genuinely skilled, specialist engineers trained in the EU will often work remotely for the hyper scalers. The operational and technical execution is done by engineers who barely make minimum wage.
Future seems pretty dim, right?!
Well, no, even though most of what I have mentioned before is the sad reality. Fortunately, people and companies are waking up and are slowly but surely making plans to improve the level of privacy. GDPR, ePrivacy, and the data act, followed by initiatives such as gaia-x and the International Data Spaces Association, are making strides in creating a framework that will address the issues. It won’t disallow the use of hyper scalers, but it will push for a set of rules to play by. Privacy Shield — a political agreement between the US and the EU was destroyed years ago, so the data kept flowing all this time. Not good enough yet, but there is currently an agreement “in principle” on privacy shield 2.0.
Albeit slow, things are happening, and we can only applaud that.
So should we stop sharing data? No! The most significant evolutions will be made by parties sharing data, but we must stay in control of the data and ensure that not all that data flows in one direction. Away from us. There is a real need for the next generation of data infrastructure to be an open, transparent, and secure digital ecosystem where data and services can be made available, collated, and shared in an environment of trust.
Technical expertise, research, and development skills need to be fostered in the EU, and more people should be trained in STEM (Science Technology Engineering Mathematics). Since this would allow us to remain relevant in a world that is evolving toward SaaS and low-code solutions, causing us to lose the knowledge and skills needed to do things ourselves.
If we can achieve that, with everyone playing by the same rules, we may avoid becoming “EU — The Digital Wasteland.”