The Snooper's Charter risks removing billions of pounds from the UK economy by effectively forcing cloud and hosting companies to leave, rather than give in to demands to weaken encryption, it is claimed.
Speaking to Cloud Pro, Michael Ginsberg, CEO of cloud-based encryption service Echoworx, said his company is ready to abandon its two UK datacentres and migrate to other facilities abroad should the Snooper's Charter, formally known as the Investigatory Powers Bill, become law.
The bill proposes that internet service providers keep a list of websites their users visit for at least 12 months, and demands that hosting providers leave 'backdoors' in their encryption open for the government.
"If the [UK] government wants an encryption backdoor, we can move to a jurisdiction that doesn't have encryption back doors ... where this legislation doesn't exist," he said. "The bad news for the UK is $15 billion a year in hosting businesses and if my company can move out of the UK in a snap, how many other companies can?"
Ginsberg added: "Apart from any moral problems about snooping on its citizens and enterprises, there's some real financial risk. It has already activated us so we can imagine what larger hosting companies plans are [doing] in anticipation of this legislation, and once that data moves it won't come back. That's a real problem."
To illustrate his point, Ginsberg gave the example of "one of the largest commercial banks in Canada", which had all its commercial credit card processing done in Minnesota.
"Within two months of the original 9/11 US Patriot Act coming in, it was all back in Canada and it's never going to return," he said.
Technical problems
Ginsberg also accused the UK government of not having fully thought through the practical implications of the requirements in the Investigatory Powers Bill - an accusation that has been levelled before with regard to data storage demands.
"As incredulous as it is to believe they're considering this, I don't know if the practicalities of it are going to allow them to enact it," said Ginsberg.
"We host a very large charity of yours here in the UK that deals with sensitive personal data and if the government comes to us and says 'We need a back door to your encryption' and I say, of course, 'no', and we snap our fingers and we're in Ireland or Romania - then what do they do? Do they go to the charity? What can the charity do? They're going to be asked to provide a backdoor and they're incapable of doing that technically - it's not their system, really."
"So the charity will say they can't and is the government going to say either use someone else's encryption, which isn't safe, or they can't use encryption? I don't know that it has followed the string of the logic of their own intent," he added.
