Switzerland: From Banking Paradise To Data Safe Zone
Saturday, July 12, 2014
Stash gold in a Swiss bank? It's old hat. Try something really valuable: data.
Swiss vaults have held treasures ranging from Nazi gold to Wall Street fortunes. Now they might become the guardians of the 21st century's most precious asset. Think thick steel doors, timed locks, biometric sensors — all virtual, of course.
Data storage is booming in Switzerland. Attracted by the country's political neutrality and ironclad privacy laws, a growing number of people and companies are choosing to keep their sensitive information in the nation's servers.
Behind the rush: Edward Snowden. Since he first blew the whistle on the National Security Agency's surveillance activities last year, demand has surged for the services of Swiss data-storage companies.
"We had 15,000 new customers per month before the NSA affair. We now have 36,000, a 140-percent growth," says Gianluca Pirrera of Wuala, which provides Swiss-made, encrypted cloud storage.
Mateo Meier, CEO of Artmotion, a Swiss host service, says his company witnessed a 45-percent growth in revenue following the first leaks.
While Snowden might have been a catalyst, the NSA is just one in a long list of information-age worries. Data is the lifeblood of business and the economy. Like anything of value, it's the target of thieves: hackers after money, companies trying to undermine a competitor's merger or rival nations eager to acquire military intelligence.
"It needs to be well-protected," says Stinne Maria Petersen, from online storage provider SecureSafe.
That makes Switzerland the place du jour because of its laws. The Swiss Banking Act of 1934 gave the country its celebrity, but financial secrecy might soon be a thing of the past, as Switzerland has agreed to share tax information with the Organisation for Economic Co-Operation and Development, or OECD, and more than 300 of its private banks to help the U.S. crack down on tax evaders.
But the right to data privacy is so deeply rooted that it's written in the Swiss constitution: "Every person has the right to privacy in their private and family life and in their home, and in relation to their mail and telecommunications."
Information stored on Swiss soil is also protected by the strict Swiss Federal Data Protection Act and Ordinance to the Swiss FDPA, which require a judge's order to access private data based on substantial evidence of a possible crime. Under the American Patriot Act, by contrast, subpoenas require only a claimed link to "a terror threat."
"As the country is outside of the [European Union], it is not bound by pan-European agreements to share data with other member states, or worse, the U.S.," says Meier of Artmotion.
Switzerland's long tradition of neutrality also makes it a less likely target of cyberwarfare. Energy self-sufficiency reduces the chances of power outages. It also has a low risk of environmental disasters like earthquakes, hurricanes or floods.
"Separately, all these factors would not make much of a difference," says Evelyne Pintado of the digital security consultancy Navixia, "but together they make Switzerland a safe bet."
Of course, nothing's 100 percent safe. Nobody in Switzerland knew what the NSA was up to before the entire world found out. Dishonest employees are a risk. The Swiss will need a continuous effort to stay on top of constantly evolving and often invisible threats.
"The tools for stealing data are becoming more and more sophisticated, so data protection requires constant innovation and work to succeed over the long term," says Andy Yen, co-founder of ProtonMail, an encrypted mail service.
Switzerland's Data Protection and Information Commissioner Hanspeter Thür is calling for an update on the Swiss Data Protection Act. "We need to pay greater attention to monitoring tools and consider possible strategies against them," he says.
Thür is concerned about a new legislative proposal on digital surveillance that he thinks could undermine the country's established right to privacy. The law, currently under debate in the Swiss Parliament, would expand the state's right to collect private information in the name of national security.
For now, however, Switzerland's data storage companies continue to thrive. The services vary from basic data hosting to automatic backups, password management and encrypted corporate communications. Prices start at around $7 a month for 2GB of data storage and can go up to thousands of dollars for corporations backing up hundreds of terabytes.
Such products require constant software updates together with some top-notch offline security for the servers, including 24-hour surveillance, biometric identification systems and even armed guards. Visiting one is out of the question, aside from incredibly wealthy clients or background-checked employees.
Some companies keep server locations a secret. The Swiss Fort Knox brags it could survive a nuclear war because its servers are in an ex-military bunker, inside a mountain.
Over the top? Maybe. But customers keep coming, including the United Nations, Yahoo and Samsung, plus small businesses and even individuals wanting to keep treasured family pics safe.
Tech companies like Blackphone, a spy-resistant smartphone company, and ProtonMail have recently chosen Swiss servers. "Switzerland has some of the world's strictest data privacy laws, which offer additional protection for our users," says Yen.
To accommodate the growing demand, construction has begun on what will be Switzerland's biggest server farm yet — 59,000 square feet — near Geneva, by the Swiss company Safe Host.
Call it big data, if you like. Now it's big business.