Gartner Blog Network

Gmail, Macquarie, and US regulation

by Lydia Leong  |  January 12, 2010  |  6 Comments

Google continues to successfully push Gmail into higher education, in an Australian deal with Macquarie University. (Microsoft is its primary competitor in this market, but for Microsoft, most such Live@edu represent cannibalization of their higher ed Exchange base.)

That, by itself, isn’t a particularly interesting announcement. Email SaaS is a huge trend, and the low-cost .edu offerings have been gaining particular momentum. What caught my eye was this:

The university was hesitant to move staff members on to Gmail due to regulatory and cost factors. They were concerned that their email messages would be subject to draconian US law. In particular, they were worried about protecting their intellectual property under the Patriot Act and Digital Millennium Copyright Act, Mr. Bailey said. “In the end, Google agreed to store that data under EU jurisdiction, which we accepted,” he said.

That tells us that Google can divide their data storage into zones if need be, as one would expect, but it also tells us that they can do so for particular customers (presumably, given Google’s approach to the world, as a configurable, automated thing, and not as a one-off).

However, the remark about the Patriot Act and DMCA is what really caught my attention. DMCA is a worry for universities (due to the high likelihood of pirated media), but USA PATRIOT is a significant worry for a lot of the non-US clients that I talk to about cloud computing, especially those in Europe — to the point where I speak with clients who won’t use US-based vendors, even if the infrastructure itself is in Europe. (Australian clients are more likely to end up with a vendor that has somewhat local infrastructure to begin with, due to the latency issues.)

Cross-border issues are a serious barrier to cloud adoption in Europe in general, often due to regulatory requirements to keep data within-country (or sometimes less stringently, within the EU). That will make it more difficult for European cloud computing vendors to gain significant operational scale. (Whether this will also be the case in Asia remains to be seen.)

But if you’re in the US, it’s worth thinking about how the Patriot Act is perceived outside the US, and how it and any similar measures will limit the desire to use US-based cloud vendors. A lot of US-based folks tell me that they don’t understand why anyone would worry about it, but the “you should just trust that the US government won’t abuse it” story plays considerably less well elsewhere in the world.

Category: industry  

Tags: google  regulatory  

Lydia Leong
VP Distinguished Analyst
16 years at Gartner
23 years IT industry

Lydia Leong covers cloud computing and infrastructure strategies, along with a broad range of topics related to the transformation of IT organizations, data centers, and technology providers.Read Full Bio

Thoughts on Gmail, Macquarie, and US regulation

  1. […] Gmail, Macquarie, and US regulation Tags: […]

  2. Social comments and analytics for this post…

    This post was mentioned on Twitter by glambert: Reading: “Gmail, Macquarie, and US regulation” – | Patriot Act and DMCA, and “just trust us”…

  3. Saqib Ali says:


    As you mentioned, this seems a departure from Google’s philosophy of One Cloud, One Storage.

    Do you know how Google is planning to achieve this? Do they have provisions for meta-tagging content, such that it doesn’t leave certain boundaries?


  4. […] This post was mentioned on Twitter by Greg Lambert, Susan Moore, Naheed Nenshi, Fabian Nagel, sheehan alam and others. sheehan alam said: fact of the day: $goog stores your gmail data in europe, because of stupid US laws – […]

  5. Brian Prentice says:

    Lydia – data sovereignty is a huge issue emerging in cloud computing outside the US. I hear it all the time.

    To your point, maybe US readers should consider the point you’re raising about the competitive disadvantage that the US Patriot Act poses to US-based cloud providers in relationship to the Google’s just announced problems with cyber attacks in China. How comfortable is everyone with data located in China? Well, the same question is being posed about the US.

  6. Marc Bailey says:

    Hi Lydia, thanks for picking up our story.

    Although the USA Patriot Act is alarming from civil libertarian and intellectual property perspectives, to be fair the US is not alone. For example the NSW State Records Act in Australia mandates that record data must be stored on NSW soil.

    Data is energy/bit based, not matter/atom based so the very idea that it “resides” anywhere is fundamentally problematic.

    My view is that Governments in all countries have a long way to go to catch up with cloud thinking. If the mantra of cloud is “I just don’t care”, the problem is the mantra of governments is “We care deeply”. Archaic parchment-based laws that talk about data as being “on sovereign soil” fail to recognise there are only two things that matter – identity and encryption.

    – Marc

Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.