Cost of GCSB Bill could be hundreds of millions in lost opportunity for NZ ICT industry

OK, yes, I’ve changed my view. 

The GCSB & TICS bills do have a potential to significantly damage a fledgling ICT industry in New Zealand not only now, but also in terms of future opportunity.  

I’ve been challenged to try and quantify that, so I’m using the recent ICT report on the state of the Industry in New Zealand as a base along with international trends.

Let’s start with the basic summary from that report, New Zealand Sectors Report 2013: Information and Communications Technology.

The report notes key themes in technology which are, from the top, Cloud Computing, Cyber Security / Privacy, Internet of things / remote sensing, and Big data. These are the four areas we are interested in that are likely to be impacted by the change in law around GCSB and TICS and are collectively Cloud driven.

Now, in 2012, the total ICT industry was worth $8.4 billion with a total export of $745 million. Of that export figure, $575 million was related to those four key theme areas. So that is the total amount of money that the industry has at risk as of 2012.

Let’s look at growth.

Gartner estimated in February 2013 that we’d see a total spend of $US677 billion globally for this year. Growth on IaaS (the lowest tier of Cloud Services) is expected to be in the region of 43%.

Other analyst reports show a total growth of 16.93% CAGR year on year until 2016. Let’s apply the more conservative 16.93% CAGR to our current export market for related ICT services.

• 2013: $672m
• 2014: $786m
• 2015: $919m
• 2016: $1.1b

This means over the next three years we have a potential of $2.4B, just for those four key theme areas, let alone the rest of the industry.

Now, there are a couple of opportunities that I want to add in here. One is New Zealand Government Cloud Computing and the other is Cloud growth driven by the NSA & PRISM scandal.

The Department of Conservation created a Business Case for All of Government Cloud Computing, which was signed off and established a Government Cloud Programme that was handed to the Department of Internal Affairs for execution. You can see how that is progressing by visiting the Government ICT website.

The original business case identified a number of areas where savings could be made as a result of a central government approach to using Cloud services. The total spend of Government ICT at the time of writing was $1.9B. That was estimated to be broken into:

• End user support $170m
• Manage and Administer $126m
• Planning & Strategy $90m
• Application Maintenance $290m
• Application Development $450m
• Infrastructure Management $530m
• Infrastructure Development $270m

As a first stage, that Infrastructure layer, it was estimated with a government cloud the savings could be $150M per annum. So, conservatively, that means that there was a reduction in spend in Infrastructure from $800 million per annum to $650 million per annum. I think this is reasonably accurate given moving to cloud sees a second year reduction in cost of 85% on average, but it takes money and time to transition.

So that means if Government gets a Cloud up and running, then the injection into the ICT industry locally is worth hundreds more millions of dollars (as opposed to the current practice of buying infrastructure from large global ICT providers). Let’s be conservative:

• 2013: $672m + 10% total spend of infrastructure ($650m) new total = $737m
• 2014: $786m + 20% total spend of infrastructure ($650m) new total = $943m
• 2015: $919m + 40% total spend of infrastructure ($650m) new total = $1.3b
• 2016: $1.1b + 60% total spend of infrastructure ($650m) new total = $1.8b

Yes I know it’s not that scientific, but you start to get the idea of the value of the ICT industry which now has a potential of $4.8 billion over the next three years, just for those four theme areas.

Now let’s add in the real kicker. The flood of companies that are leaving or planning to leave the United States as a result of the NSA and PRISM spying. Ten percent have cancelled contracts and moved to “safer” nations and another fifty percent are looking to leave. The PRISM scandal has a potential impact on the US cloud services market of $180 billion this year aloneaccording to Forrester. That’s being driven by companies immediately moving or planning to move out of the US Cloud Services.

We have seen a flood of companies moving to Switzerland, as I’ve noted before, with their cloud services market doublingin the last two months alone. Here is the opportunity. If we were seen as a safe haven we could see our cloud revenue double in months. For the year 2013, we could have seen our service revenue for cloud double to nearly $1.5B. It’s a massive opportunity we are missing right now.

People and companies are moving their cloud computing workloads to countries that do not have a wholesale surveillance mechanism looking at communications.

Now, this kind of growth can only occur if two things happen. The first is that government commits to moving at least their infrastructure to cloud and the second is that the GCSB and TICS bill doesn’t pass in its current form.

Here are the two threats.

First, government is unreasonably paranoid about moving to Cloud services. When we talk about the Customs Business Case that evolved into the Government Cloud Programme, it is worth remember that it was predicated on cloud services within New Zealand. I.e. The government is very nervous about storing data offshore. As I have said before, Cloud security is generally stronger, better, and faster than what individual companies can build.

The PRISM and NSA scandal have given further ammunition to every Government ICT organisation in town not to move to Cloud. The GCSB and TICS bill further damages that confidence given that it basically installs similar technology to PRISM, although the mechanics of getting to the data are a little different. Point is, the perception is that it is the same.

Let’s take that further. New Zealand is currently already being painted into the PRISM scandal globally, any further strengthening of that view will rule New Zealand out as a safe haven for data (unlike Switzerland for example).

The cost of that lost opportunity could be as high as $750 million just this year. Over the next three years, over $2 billion.

Here is the cloud sector again: cloud computing, cyber security / privacy, internet of things / remote sensing, and Big data. Every last one of them is impacted by this bill and our relationship with the Five Eyes.

Yes yes yes, I know this could be calculated better, its all very amateur, but the point is, we are talking conservatively hundreds of millions in lost opportunity, jobs, and investment if this bill is passed and we are painted up with the US and PRISM as a result.

Can we afford to take that risk? Shouldn’t we be talking about the implications of this bill a little more slowly instead of rushing it through?

Ian Apperley is an independent cloud computing consultant. He posts at whatisitwellington.com.