[bluejekyll]

The thing that concerns me is the possible implications this may have on the ability of US based companies to operate saas services for customers in Europe. Following this to its logical conclusion, it could create two seperate internets, where one services the US and the other Europe stifling innovation and limiting adoption of new technologies.

We already have to deal with the walled garden of China, are we seeing the beginnings of something similar with Europe?

[TazeTSchnitzel]

"Stifling innovation"? I doubt this is the case. It is actually possible to run data centres in multiple countries, in fact.

Privacy is more important, anyway.

[bluejekyll]

For any company, putting feet on the ground in multiple countries is cost prohibitive. So are you implying that running data centers in multiple countries is somehow cheap? Obviously using public cloud infrastructure is the only option for small companies, but it still means operating more assets than otherwise necessary.

I'm not debating privacy btw, just the concern over operational cost. There are other ways to secure data that are far better than simple data residency laws.

[TazeTSchnitzel]

Companies have multiple datacentres anyway to avoid latency

[bluejekyll]

But not in every country... To reduce latency, it's much cheaper to reach customers in that last mile with CDNs, not replicating your entire infrastructure and all of you data stores.

[dingaling]

There is already a "soft firewall" in the opposite direction because US companies are often reluctant to use European data centers.

Where I worked previously we included the geographic questions at the start of our standard RFI document. In asset least one case we had to drop the technically-best SaaS product because they only had data centers in France.

Even using Canadian or Australian data centers was often problematic. For employee data we could require that individual to provide consent for cross-border transfer as part of their contract but that wasn't possible for customers.