Microsoft has announced new data centers in Germany where customers can keep their data safe from US government snooping, thanks to a deal which puts access control in the hands of Deutsche Telekom. The opportunity is available to customers across Europe.
T-Systems, a subsidiary of the German telecoms company, will act as a “trustee” for German data, and customers can choose to have it oversee their information. The deal is a radical one, because Microsoft itself will not be able to access any data held under this arrangement without the permission of T-Systems. Thus, any attempt to use US law to gain access would hit a roadblock.
The two new data centers, in Frankfurt and Magdeburg, will offer services across the European region from the second half of 2016, and are particularly pitching at security concsious sectors such as finance, health and the public sector.
Private German cloud
The new arrangement is designed to put European data beyond the claimed jurisdiction of US courts and the National Security Agency, both of which have been making increasing demands for access to private data.
“Our new datacenter regions in Germany, operated in partnership with Deutsche Telekom, will not only spur local innovation and growth, but offer customers choice and trust in how their data is handled and where it is stored,” said Satya Nadella, chief executive officer, Microsoft, announcing the services in Berlin yesterday.
It’s the first time a global webscale player has offered such a service and T-Systems will supervise all access to the data by Microsoft or other agencies.
As well as porentially restricting access by the US National Security Agency (NSA), it could help German customers avoid a repeat of the legal tangle which cropped up in Ireland, when the US courts demanded Microsoft provide access to emails of a suspect, which were hosted in Ireland.
Available across Europe
“Microsoft is pioneering a new, unique, solution for customers in Germany and Europe. Now, customers who want local control of their data have a new option, and I anticipate it will be rapidly adopted”, said Timotheus Höttges, CEO of Deutsche Telekom AG.
In September 2014, Microsoft’s German CEO had given hints of such a move to German media, which were then reported as plans for a German-only cloud” delivered with a local partner.
The new services will comply with German data handling regulations, allowing customers to see where their data is processed. According to a study by German trade body Bitkom, 83 percent of all German enterprises expect their cloud provider to operate local datacenters in Germany.
They were welcomed by Arthur Kaindl, general manager of digital health services at the German giant Siemens Healthcare: “Microsoft’s latest offering addresses companies who need to comply with the most stringent privacy regulations. It now enables us and our customers to scale and to successfully implement new business models even broader.”
Few details of the new data centers were available, but they will be linked by a private network providing business continuity and guaranteeing that data will remain in Germany (and under T-Systems’ control if customers use the trustee option). No details of the facilities’ size or capacity were revealed, but the sites will have multi-factor authentication with biometric scanning and smart cards, and will offer data encryption by SSL/TLS protocols based on German certificates. They will also have the usual protections against physical disaster and power outages.
Although the announcement took place in Germany, and is tailored for the German market, the data centers will offer services to customers across both the European Union and the EFTA region. All services offered from the German regions will have the trustee arrangement with Deutsche Telekom in charge of access. The comments by the Deutsche Telekom CEO make it clear that the trustee option will apply beyond the borders of Germany, and Microsoft has clarified that this is the case.
The news follows the announcement earlier in the week, of plans for Microsoft datacenters in the United Kingdom and the completed expansion of existing datacenter facilities in Ireland and the Netherlands.