A canned Verizon deal in Germany is the first concrete evidence that US cloud and telecoms providers’ fears are on the mark: the exposure of US surveillance will harm their international business.
Germany’s federal government has cancelled a key telecoms contract with US provider Verizon as part of a reorganisation following debate in the country over US government mass surveillance.
Germany’s Interior Ministry announced on Thursday it had terminated a Verizon contract under which it managed communications of the nation’s ministries through a secure exchange between Germany’s political centres, Berlin and Bonn.
Verizon had already been notified that its contract would would be phased out, however the ministry noted the decision was made following a review canvassing increased threats to its networks from trojans and “relationships of foreign intelligence services and companies” exposed by former NSA contractor Edward Snowden.
Those threats placed “particularly high demands” on the government to ensure the safety of its critical communications networks, prompting not just a modernisation of its existing networks but a reorganisation of current partnerships.
Deutsche Telekom, which is responsible for the nation’s most sensitive communications, will replace services provided by Verizon, according to Reuters.
Verizon’s contract expires in 2015 and was terminated in part because Germany suspects the company is obliged to hand over information to the NSA.
"There are indications that Verizon is legally required to provide certain things to the NSA, and that's one of the reasons the cooperation with Verizon won't continue," Interior Ministry spokesperson Tobia Plate told Associated Press.
Last year Verizon was found to be subject to a secret order issued by the US Foreign Intelligence Surveillance Court to hand over phone call metadata on calls from the US to overseas as well as within the US; however it was not required to hand over calls terminating or originating in foreign countries.
The canned contract comes amid an increasingly vocal push back from US cloud and telecoms providers against US surveillance laws, which they claim is harming business opportunities abroad.
Verizon recently backed Microsoft’s fight against a warrant issued by a US magistrate that orders the company to hand over email stored in its Irish data centre for a government criminal investigation. In a brief supporting Microsoft, Verizon’s lawyer warned that if the government were to obtain the email, it would have “an enormous detrimental impact on the international business of American companies.”
Verizon Germany’s managing director Detlef Eppig told the Washington Post that it is a German company that complies with German law. The executive pointed to a Verizon blog post detailing its obligations under the US Patriot Act, which states that the law “does not grant the U.S. government access to customer data stored in the cloud; it only applies to business records of the cloud provider itself.
On the other hand, the same blog post claims that search warrants and subpoenas “cannot be enforced outside the U.S.”.
Whether Verizon is correct will depend on the outcome of Microsoft’s current Federal Court challenge to the Store Communications Act warrant that it has been served.
Follow Liam Tung on Twitter @liamT
This article is brought to you by Enex TestLab, content directors for CSO Australia.Read more: Portal targets large-scale risk management on Internet of Things
CSO Perspectives Roadshow 2014 | September Melbourne, Canberra, Sydney | register today