Exploring the US-China Technology Dynamic Through

Total Page:16

File Type:pdf, Size:1020Kb

Exploring the US-China Technology Dynamic Through Digital Expansionism: Exploring the U.S.-China Technology Dynamic Through Cybersecurity Policy and International Marketing Strategies in the Cloud Computing Sector Julien Isaacs Working Paper CISL# 2019-14 June 2019 Cybersecurity Interdisciplinary Systems Laboratory (CISL) Sloan School of Management, Room E62-422 Massachusetts Institute of Technology Cambridge, MA 02142 Isaacs 1 Digital Expansionism: Exploring the U.S.-China Technology Dynamic Through Cybersecurity Policy and International Marketing Strategies in the Cloud Computing Sector By Julien Isaacs BSFS Georgetown University, 2012 SUBMITTED TO THE MIT SLOAN SCHOOL OF MANAGEMENT IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF MASTER OF SCIENCE IN MANAGEMENT STUDIES AT THE MASSACHUSETTS INSTITUTE OF TECHNOLOGY JUNE 2019 ©2019 Julien Isaacs. All rights reserved. The author hereby grants to MIT permission to reproduce and to distribute publicly paper and electronic copies of this thesis document in whole or in part in any medium now known or hereafter created. Signature of Author: _____________________________________________________________ Julien Isaacs MIT Sloan School of Management May 10, 2019 Certified by: ___________________________________________________________________ Stuart Madnick John Norris Maguire Professor of Information Technologies, Sloan School of Management & Professor of Engineering Systems, School of Engineering Thesis Supervisor Accepted by: ___________________________________________________________________ Jake Cohen Senior Associate Dean, MIT Sloan Undergraduate & Masters Programs MIT Sloan School of Management Isaacs 2 Digital Expansionism: Exploring the U.S.-China Technology Dynamic Through Cybersecurity Policy and International Marketing Strategies in the Cloud Computing Sector By Julien Isaacs Submitted to MIT Sloan School of Management on May 10, 2019 in Partial Fulfillment of the requirements for the Degree of Master of Science in Management Studies. ABSTRACT The U.S. and China remain largely separated from one another in terms of technological market access, with both sides implementing policy regimes serving as official or unofficial barriers to international trade, especially evident in data-sensitive industries, such as cloud computing. The result is a very low market share for American cloud computing providers in China, and vice-versa. This paper explores the U.S.-China dynamic insofar as government policy and action are concerned, the U.S. and China markets, and private enterprise’s response and strategy in the cloud computing industry, which is notable not only given its value, $278.3 billion worldwide by 2021, but also its central position in the flow of global data.1 The paper arrives at a number of conclusions. Firstly, given China’s techno- nationalist policy regime, U.S. cloud computing firms, and by extension, all U.S. technology companies, will face increasingly limited market share and opportunity in China. Conversely, Chinese cloud computing providers, and by extension Chinese technology products, in general, may be able to successfully garner market share in the U.S. by offering innovative products with little to no substitutes, for which Americans will potentially waive their data privacy concerns in order to access (which may lead to unintended consequences). Lastly, the U.S. and China should work together to form, articulate and implement cybersecurity and data norms, enhancing international cooperation on a government and private enterprise level, effectively removing international trade barriers and promoting and enhancing market access. Cooperation, however, remains a challenge, given the differing policy objectives of the U.S. and China. Thesis Supervisor: Stuart Madnick Title: John Norris Maguire Professor of Information Technologies, Sloan School of Management & Professor of Engineering Systems, School of Engineering 1 “Gartner Forecasts Worldwide Public Cloud Revenue to Grow 17.3 Percent in 2019.” Gartner IT Glossary, Gartner, Inc., 2018, www.gartner.com/en/newsroom/press-releases/2018-09-12-gartner-forecasts-worldwide-public-cloud- revenue-to-grow-17-percent-in-2019. Isaacs 3 Table of Contents 1. Introduction................................................................................................................................................6 2. Cloud Computing ......................................................................................................................................8 2.1 Cloud Computing Technology Overview ........................................................................................ 8 2.2 Cloud Computing: Market Analyses ............................................................................................. 12 2.3 Cloud Computing: U.S. Market ....................................................................................................... 16 2.4 Cloud Computing: China Market ................................................................................................... 17 3. Cybersecurity .......................................................................................................................................... 22 3.1 Cybersecurity; Overview & Framework...................................................................................... 22 3. 2 Cybersecurity; International Trade ............................................................................................ 23 3.3 Cybersecurity; The Cloud ................................................................................................................ 24 3.4 Parkerian Hexad ................................................................................................................................ 25 3.5 A Discussion on Cloud, Data and Consumer Data Privacy...................................................... 28 3.6 Porter’s Five Forces .......................................................................................................................... 30 3.7 A Comprehensive Framework ....................................................................................................... 32 4. America to China: Cloud Expansion................................................................................................ 34 4.1 America to China: Context & Background .................................................................................. 34 4.2 A Discussion on China & the WTO ................................................................................................ 36 4.3 A Discussion on Techno-nationalism........................................................................................... 39 4.4 America to China: Policy Background ......................................................................................... 41 4.41 2006 - 2012: Early Policies & Initiatives ................................................................................................................ 41 4.42 2009 China Telecom Law............................................................................................................................................. 43 4.43 ICP & ISP Licenses .......................................................................................................................................................... 43 4.44 2012 Decision of the Standing Committee of the National People's Congress on Strengthening Information Protection on Networks ................................................................................................................................ 44 4.45 2015 National Security Law ........................................................................................................................................ 45 4.46 2017 Cybersecurity Law .............................................................................................................................................. 46 4.5 America to China: Cloud Computing Case Study: Microsoft ................................................... 51 4.6 America to China: Analysis ............................................................................................................. 53 5. China to America: Cloud Expansion................................................................................................ 56 5.1 China to America: Context & Background .................................................................................. 56 Isaacs 4 5.11 A Discussion on Huawei & ZTE: A Helpful Precedent ........................................................................................ 56 5.12 FIRRMA & CFIUS ............................................................................................................................................................. 63 5.13 Exposing PLA Unit 61398 (总参三部二局) ............................................................................................................ 65 5.14 Increased U.S.-China Cyber Tension ........................................................................................................................ 66 5.15 2015 The U.S.-China Cyber Agreement ................................................................................................................... 67 5.2 China to America: Policy Background ......................................................................................... 70 5.21 1986 Stored Communications Act (SCA) & 1986 Electronic Communications Privacy Act (ECPA) .. 71 5.22 1994 Communications Assistance for Law Enforcement Act
Recommended publications
  • A Modeling Language for Multi-Tenant Data Architecture Evolution in Cloud Applications
    School of Computing and Communications A Modeling Language for Multi-tenant Data Architecture Evolution in Cloud Applications Assylbek Sagitzhanuly Jumagaliyev M.Sc., International Information Technologies University, 2014 B.Sc., Suleyman Demirel University, 2011 Thesis submitted for the degree of Doctor of Philosophy 29 April 2019 Abstract Multi-tenancy enables efficient resource utilization by sharing application resources across multiple customers (i.e., tenants). Hence, applications built using this pat- tern can be o↵ered at a lower price and reduce maintenance e↵ort as less application instances and supporting cloud resources must be maintained. These properties en- courage cloud application providers to adopt multi-tenancy to their existing appli- cations, yet introducing this pattern requires significant changes in the application structure to address multi-tenancy requirements such as isolation of tenants, exten- sibility of the application, and scalability of the solution. In cloud applications, the data layer is often the prime candidate for multi-tenancy, and it usually comprises acombinationofdi↵erentcloudstoragesolutionssuchasblobstorage,relational and non-relational databases. These storage types are conceptually and tangibly di- vergent, each requiring its own partitioning schemes to meet multi-tenancy require- ments. Currently, multi-tenant data architectures are implemented using manual coding methods, at times following guidance and patterns o↵ered by cloud prov- iders. However, such manual implementation approach tends to be time consum- ing and error prone. Several modeling methods based on Model-Driven Engineer- ing (MDE) and Software Product Line Engineering (SPLE) have been proposed to capture multi-tenancy in cloud applications. These methods mainly generate cloud deployment configurations from an application model, though they do not automate implementation or evolution of applications.
    [Show full text]
  • First Half 2021 Letter to Co-Investors in Business Owner
    First Half 2021 Letter to Co-Investors in Business Owner Dear Co-Investors, The NAV of the Business Owner Fund was €994.14 as of 30 June 2021. The NAV increased 14.0% since the start of the year and 901.9% since inception on 30 September 2008. The compound annual growth rate since inception is 19.8%. Part 1: Humility It continually takes my breath away how differently things can turn out compared to what might reasonably be expected at the time. It is what makes investing endlessly fascinating but also incredibly hard. I was reminded of this recently by Credit Acceptance’s second quarter results. Collections for its 2019 cohort of consumer loans – the last one before the Covid-19 crisis – are not only tracking ahead of its initial expectations but are showing a large, positive variance. If I teleport myself back to March 2020 when the global economy was at an almost complete standstill, the only question on my mind was how bad unemployment could get. Did the Great Financial Crisis constitute a worst- case scenario? Or the Great Depression? Or neither? The idea that the 2019 cohort would not only do better than expected but by a large margin would have been laughable. With hindsight, it is easy to rationalize it, now that we know about stimulus cheques and the impact of the semiconductor shortage on used car prices. However, neither of these developments were known nor knowable at the time. It is a reminder, as if one were needed, of the importance of humility. Part 2: Increasing our Investment in China The most consequential capital allocation decision in the first half-year was to increase our investment China by purchasing a new position in Alibaba and increasing our holding in Prosus, the major shareholder of Tencent, China’s largest internet company.
    [Show full text]
  • Data Center Industry Overview Colby Synesael.Pdf
    INDUSTRY OVERVIEW MARCH 2019 Colby Synesael Senior Equity Research Analyst Cowen and Company 646 562 1355 [email protected] DATA CENTERS ARE PART OF COMMUNICATIONS INFRASTRUCTURE What Is Communications Infrastructure? • What Is Communications Infrastructure? – The idea that macro towers, data centers, optical fiber, and small cells/DAS represent one asset class whose singular purpose is the enablement of communications, and in so doing have developed business models very similar to one another, and in many cases more similar to the real estate industry than the telecom services industry. • Key attributes – Unit pricing increases over time (typically with an escalator) – Long-term contracts – High contribution margin • Think like a real estate company – Dark fiber, colocation, towers, land rights all qualify as REIT assets by the IRS – Return-oriented decision making – Value of AFFO as a metric • Scale matters – Supply chain mgmt. (i.e. cost to build) – Geographic diversity – Relatively low cost of capital Source: Cowen and Company “The Edge” Is The Next Frontier • Creating new opportunities • Fiber routes • Small cells • Data centers (more locations/smaller footprint per location) • Where the end-users of digital services reside • Compute/storage needs to occur closer to them • Tier II/III markets • Where wireless infrastructure meets wireline infrastructure Source: Cowen and Company SECTOR PERFORMANCE Strong Sector Performance Communications Infrastructure Index: 5-Year Performance (Indexed to 100 on 01/31/2014) 280 260 240 139% 220 200 180 160 140 120 100 80 Comm. Infra. Index Stocks: AMT, COR, CCI, CONE, DLR, EQIX, INXN, UNIT, QTS, SBAC, SWCH, ZAYO Data Center Index Stocks: COR, CONE, DLR, EQIX, INXN, QTS, SWCH Source: Thomson Reuters Strong Sector Performance Communications Infrastructure Index vs.
    [Show full text]
  • Launch Innovative Products Faster with Red Hat and Alibaba Cloud
    LAUNCH INNOVATIVE PRODUCTS FASTER WITH RED HAT AND ALIBABA CLOUD PARTNER BRIEF FAST INNOVATION AND AGILE DEPLOYMENT ARE CRITICAL FOR SUCCESS Worldwide, organizations face increasing competition as digital technologies continue to disrupt industries. To remain successful, they must differentiate themselves with compelling products while also controlling costs. However, if it takes too long to develop and launch new products, the business is likely to miss market opportunities and become less competitive. By 2020, In addition, many companies are adopting multicloud strategies to reduce risk. Yet choosing the 83% right set of cloud providers and services from the large number available — and then connecting of enterprise workloads will them into existing on-premise and cloud-based infrastructure — can be overwhelming. run on cloud infrastructure, Red Hat and Alibaba Cloud deliver the modern cloud foundation and innovative application develop- with 41% running on public ment technologies you need to quickly create high-value products, monitor and manage expenses, 1 cloud infrastructure. and mitigate technological risk. Red Hat and Alibaba Cloud BUILD A FLEXIBLE APPLICATION ENVIRONMENT provide a modern cloud foun- Red Hat and Alibaba Cloud combine production-grade open source software, global cloud infra- dation and innovative applica- structure, and advanced machine learning and big data capabilities into a high-performance, adapt- tion development technologies able platform for application development and deployment. A leading public cloud service provider, to help you build and launch Alibaba Cloud operates 18 datacenters globally. These datacenters are connected by fast networks compelling products quickly to provide a unified experience — no matter where you are or which datacenter you connect to.
    [Show full text]
  • Deploying Fortiweb-VM on Alibaba Cloud
    FORTINET DOCUMENT LIBRARY https://docs.fortinet.com FORTINET VIDEO GUIDE https://video.fortinet.com FORTINET BLOG https://blog.fortinet.com CUSTOMER SERVICE & SUPPORT https://support.fortinet.com FORTINET TRAINING & CERTIFICATION PROGRAM https://www.fortinet.com/support-and-training/training.html NSE INSTITUTE https://training.fortinet.com FORTIGUARD CENTER https://fortiguard.com/ END USER LICENSE AGREEMENT https://www.fortinet.com/doc/legal/EULA.pdf FEEDBACK Email: [email protected] Administration Guide TABLE OF CONTENTS Creating a virtual private cloud 4 Obtaining the deployment image 7 Uploading image file to Object Storage Service 9 Creating custom image 14 Creating FortiWeb-VM instance 16 Connecting to FortiWeb 19 Changing the default administrative ports 19 Changing the password 20 Administration Guide 3 Creating a virtual private cloud Creating a virtual private cloud 1. Assuming this is a new environment, the first step is to create the virtual private cloud (VPC). In the Alibaba Cloud web console, select Virtual Private Cloud. 2. Click Create VPC. 3. Configure the following settings. VPC Name Enter a name for the VPC. IPv4 CIDR Block Specify the IPv4 CIDR Block for this VPC. Resource Group Select the resource group for the VPC. VSwitch Name Enter a name for the VSwitch. Zone Select the zone of the VSwitch. In later steps, you should deploy FortiWeb-VM in the same zone. IPv4 CIDR Block Specify the IPv4 CIDR Block for this VSwitch. It should be a subnet of the VPC. Administration Guide 4 Creating a virtual private cloud Administration Guide 5 Creating a virtual private cloud Administration Guide 6 Obtaining the deployment image Obtaining the deployment image 1.
    [Show full text]
  • Cloud Computing
    JYOTI NIVAS COLLEGE PG CENTER DEPARTMENT OF MCA III YEAR TECH-ON-TAP E-JOURNAL ON CLOUD COMPUTING Issue 1, August 2020 Sl.no Title Page.no 1 Alibaba Cloud 1 2 Workday and Softchoice 2 3 Citrix Cloud Services and Nippon Data 4 4 Softlayer and Bluelock 6 5 IBM Cloud 7 6 Oracle Cloud 9 7 BackBlaze and Jira Cloud 10 8 SnowFlake 11 9 AWS Kiinesis and Verizon Cloud 12 10 Amazon Elastic Compute Cloud (EC2) 13 11 Google Cloud and Navtech Platform 14 12 Tresorit 16 13 Massive Grid and Egnyte 17 14 Microsoft Azure and Cloud-myNav 19 15 Box and OpenStack 20 16 Kamatera and SAP-S/4 Hana Cloud 22 17 Cloud Ways and Adobe Service 24 18 Cloud Sigma and Prolifics 25 19 MessageOPS - Cloud Service Provider 27 20 pCloud Service Provider 28 21 CtrlS and Zendesk 29 22 Century link and Service Now 31 23 Milesweb 33 24 Zoom Cloud 35 25 Collibra 36 26 GoDaddy and Amazon Web Services 37 27 Ubiquity Hosting and Mage Cloud 39 CLOUD SERVICE PROVIDERS Kushmetha k. A(18MCA08) Brunda S(18MCA05) Cloud Service Providers are the companies that offer network services, infrastructure or the business applications in the cloud. These cloud services are hosted in a data center using network connectivity that can be accessed by companies or individuals. Few different forms of services that can be used in the cloud by the CSPs include Software as a Service(SaaS), Platform as a Service(PaaS) and Infrastructure as a Service(IaaS). Alibaba Cloud: It is a chinese cloud computing company founded in 2009 by Jack Ma and Simon Hu.
    [Show full text]
  • AWS to Alibaba Cloud Web Hosting Migration Guide
    Alibaba Cloud Migration Guide AWS to Alibaba Cloud Web Hosting Migration Guide Issue: 20190424 Migration Guide AWS to Alibaba Cloud Web Hosting Migration Guide / Legal disclaimer Legal disclaimer Alibaba Cloud reminds you to carefully read and fully understand the terms and conditions of this legal disclaimer before you read or use this document. If you have read or used this document, it shall be deemed as your total acceptance of this legal disclaimer. 1. You shall download and obtain this document from the Alibaba Cloud website or other Alibaba Cloud-authorized channels, and use this document for your own legal business activities only. The content of this document is considered confidential information of Alibaba Cloud. You shall strictly abide by the confidentiality obligations. No part of this document shall be disclosed or provided to any third party for use without the prior written consent of Alibaba Cloud. 2. No part of this document shall be excerpted, translated, reproduced, transmitted, or disseminated by any organization, company, or individual in any form or by any means without the prior written consent of Alibaba Cloud. 3. The content of this document may be changed due to product version upgrades , adjustments, or other reasons. Alibaba Cloud reserves the right to modify the content of this document without notice and the updated versions of this document will be occasionally released through Alibaba Cloud-authorized channels. You shall pay attention to the version changes of this document as they occur and download and obtain the most up-to-date version of this document from Alibaba Cloud-authorized channels.
    [Show full text]
  • Storm on the Horizon
    Storm on the Horizon: HOW THE U.S. CLOUD ACT MAY INTERACT WITH FOREIGN ACCESS TO EVIDENCE AND DATA LOCALIZATION LAWS Shelli Gimelstein TABLE OF CONTENTS I. Introduction 3 II. The CLOUD Act 5 A. Certification Requirements 5 B. Limitations on Orders 5 1. QFG Requests 5 2. Challenging Orders in Court 6 3. U.S. Requests for Data Located in a non-QFG 8 III. Potential Conflicts of Law 9 A. Forced Decryption and the UK Investigatory Powers Act 9 B. UK Overseas Production Orders Bill 10 C. EU Legislation 11 1. General Data Protection Regulation 11 2. E-Evidence Directive 12 D. Australia’s Assistance and Access Act 13 E. Data Localization Laws 14 IV. Impact on Providers & Conclusions 18 Storm on the Horizon: How the U.S. CLOUD Act May Interact with Foreign Access to Evidence and Data Localization Laws I. INTRODUCTION Frustrated by the complex and inefficient process of obtaining online data stored by technology companies around the world, the U.S., EU, and numerous other governments have recently enacted legislation making it easier for them to access users’ data in connection with criminal investigations. As a result of the U.S. Clarifying Legal Overseas Use of Data Act (“CLOUD Act”)1, the EU’s General Data Protection Regulation (“GDPR”), and various countries’ data protection and localization laws, technology companies—in particular, online service providers—face rapidly shifting legal landscapes and practical considerations underlying their decisions about where to store user data. U.S.-based providers have particular cause for concern: while the Stored Communications Act (SCA) previously blocked them from disclosing U.S.-held communications content requested by foreign governments, the CLOUD Act amended the SCA to permit foreign governments that have entered into executive agreements with the U.S.
    [Show full text]
  • United States Securities and Exchange Commission Washington, D.C
    UNITED STATES SECURITIES AND EXCHANGE COMMISSION WASHINGTON, D.C. 20549 Amendment No. 1 to FORM 20-F/A (Mark One) [_] REGISTRATION STATEMENT PURSUANT TO SECTION 12(b) OR (g) OF THE SECURITIES EXCHANGE ACT OF 1934 OR [X] ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 For the fiscal year ended December 31, 2002 OR [_] TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 For the transition period from ________to _________. Commission file number: 333-11724 NETEASE.COM, INC. ------------------------------------------------------------------ (Exact name of Registrant as specified in its charter) N/A ------------------------------------------------------------------ (Translation of Registrant's name into English) Cayman Islands ------------------------------------------------------------------ (Jurisdiction of incorporation or organization) Suite 1901, Tower E3 The Towers, Oriental Plaza, Dong Cheng District Beijing 100738, People's Republic of China ------------------------------------------------------------------ (Address of principal executive offices) Securities registered or to be registered pursuant to Section 12(b) of the Act. NONE ------------------------------------------------------------------ Securities registered or to be registered pursuant to Section 12(g) of the Act. Name of each exchange and Title of each class on which registered: American Depositary Shares, each representing 100 ordinary shares, par value US$0.0001 per share, Nasdaq National Market
    [Show full text]
  • Overcoming Constitutional Objections to the CLOUD Act Peter Swire & Justin Hemmings Introduction in 2018, the U.S
    Issue Brief February 2020 Overcoming Constitutional Objections to the CLOUD Act Peter Swire & Justin Hemmings Introduction In 2018, the U.S. passed the Clarifying Lawful Overseas Use of Data Act (the “CLOUD Act” or “Act”) in response to two related but distinct issues. The first part of the Act clarifies rules governing U.S. law enforcement access to data in the hands of U.S. providers, and in doing so mooted the pending Supreme Court case United States v. Microsoft (the “Microsoft Ireland” case). Microsoft argued that a U.S. warrant had no legal force to compel the production of emails stored on a server in Ireland. To resolve that question of law, the first part of the CLOUD Act provides that compelled disclosure orders issued by the U.S. will apply “regardless of whether such communication, record, or other information is located within or outside of the United States.”1 The second part of the CLOUD Act responds to foreign governments’ access to data in the hands of U.S. providers. Under the Stored Communications Act (SCA),2 which is part of the Electronic Communications Privacy Act (ECPA),3 service providers are generally prohibited from responding to a foreign government request for the content of communications except upon receipt of a court order signed by a U.S. judge. This prohibition applies even when the foreign government seeks to access data regarding its own nationals in the investigation of a local crime. With the prevalence of cloud computing, evidence for ordinary criminal investigations increasingly is held on servers in different countries.
    [Show full text]
  • Cross-Border Data Sharing Under the CLOUD Act
    Cross-Border Data Sharing Under the CLOUD Act Stephen P. Mulligan Legislative Attorney April 23, 2018 Congressional Research Service 7-5700 www.crs.gov R45173 Cross-Border Data Sharing Under the CLOUD Act Summary Law enforcement officials in the United States and abroad increasingly seek access to electronic communications, such as emails and social media posts, stored on servers and in data centers in foreign countries. Because the architecture of the internet allows technology companies to store data at a great distance from the physical location of their customers, electronic communications that could serve as evidence of a crime often are not housed in the same country where the crime occurred. This disconnect has caused governments around the world, including the United States, to seek data stored outside their territorial jurisdictions. In the Clarifying Lawful Overseas Use of Data (CLOUD) Act, Congress enacted one of the first major changes in years to U.S. law governing cross-border access to electronic communications held by private companies. The CLOUD Act has two major components. The first facet addresses the U.S. government’s ability to compel technology companies to disclose the contents of electronic communications stored on the companies’ servers and data centers overseas. The Stored Communications Act (SCA) mandates that certain technology companies disclose the contents of electronic communications pursuant to warrants issued by U.S. courts based on probable cause that the communications contain evidence of a crime. But a dispute arose over whether warrants issued under the SCA could compel disclosure of data held outside the territorial jurisdiction of the United States.
    [Show full text]
  • White Paper – Cloud Services in Sustaining Societal Functions
    White Paper Cloud Services in Sustaining Societal Functions – Risks, Appropriateness and the Way Forward White Paper – Cloud Services in Sustaining Societal Functions – Risks, Appropriateness and the Way Forward; Swedish Social Insurance Agency reference number: 013428-2019 Version: 1.0 Date: 18-11-2019 Like many other governmental agencies, the Swedish Social Insurance Agency offers easier access to information and services and streamlines internal processes with the aid of digital services. Cloud services offer good functionality, operational reliability and technological security at a reasonable cost. It is desirable and to a certain extent necessary for the public sector to be able to benefit from this. At the same time, we cannot ignore the increasing vulnerability that digitalisation of sustaining societal services entails. Sweden's digital sovereignty must be ensured and the public administration must retain or take back control of sustaining societal digital services and data. The decisions that are taken now will set the boundaries for our room to manoeuvre for the foreseeable future and influence Sweden's capacity to meet future challenges. The choice of IT services in sustaining societal activities will have consequences for citizens, individual agencies and the government administration as a whole, as well as Sweden as a state. The Swedish Social Insurance Agency's increasing dependency on secure, user- friendly and robust digital services requires the agency to determine if and when it is appropriate and feasible to use public cloud services that are offered by private suppliers. This decision is based on our responsibility and obligation to frequently handle highly sensitive confidential data about private individuals as securely as possible.
    [Show full text]