SAN FRANCISCO: Suggestions that the UK government is looking to limit the use of encryption technologies have been branded "commercially naïve" by cloud firm Box.
The concerns were raised by David Quantrell, Box’s vice president for Europe, while speaking to V3 at the company’s BoxWorks 2015 event in San Francisco.
“The UK government is making some interesting statements about encrypted data. Some of them just seem almost commercially naïve,” he said.
David Cameron insinuated earlier this year that he would consider banning the use of services such as WhatsApp and Snapchat that use encryption, while security officials have said that encryption poses a major threat to public safety.
Quantrell acknowledged that this is a “challenge” to the government, but that it has to recognise that information flow, and the security that governs this, is now part and parcel of the business world and needs to be maintained.
"The discussion has to develop and, from the government's perspective, they have to develop it in the context of the bigger world," he said.
"It's a world where, in order for a company to be successful, they have to be agile, they have to share information and move it around the world. They do it already actually, and in many ways people haven’t got their minds around it."
Quantrell added that there is a risk that introducing new laws that undermine the technologies being used to offer new, innovative services could damage the economy. He noted, for example, that new banking businesses are setting up and using technology to compete with long-standing rivals.
“If you look at agile companies like Challenger Banking, they're setting up with very different infrastructure that allows them to be competitive in a very different way and challenge the status quo,” Quantrell said.
Box itself would be affected by any moves to limit encryption use. The online storage provider offers encryption in its Enterprise Key Management service, which allows a customer to hold one of two encryption keys used on its data held by Box.
This means that Box could not turn over data requested by a government agency without the customer being involved and aware of what was being requested.
“Investment banking tend to be very interested in that, and other very compliant industries, and from an EU perspective, our UK or German customers too as it means they can actually hold the keys,” Quantrell added.
Data centre decisions
Quantrell also said that Box is closely watching development in several areas of the data protection and privacy arena, such as new European data protection laws and Microsoft’s cloud data access case with the US government.
While that case could mean that the US government could always access data if stored on EU soil, Quantrell said that Box is still investigating the best way to add an EU data centre presence to its services, something it does not currently offer.
He explained that the company has spent the past 18 months working on its underlying infrastructure so that Box can manage content between locations as and when required as part of this move, and is considering the best locations for any new site.
“We now have an ability to relocate parts of content, for instance, and we are just exploring what we might want to do with that,” Quantrell said.
“I think ultimately people will choose where they want to put their data and I think there will be a point where we end up putting a [European] data centre, or data centres, in place."
Despite issues such as encryption and government data access, Box continues to sign up sizeable customers, such as a major deal announced with The Coca-Cola Company last week for 22,000 users.
Intel wants to get inside your car, despite missing out on mobile
'We'll keep fighting to fight to keep the web free and open,' claim EFF
Breached in March by the same attackers, claim 'insiders'
And all for less than £150, according to Keith