VMware to build data centres in Germany and France as vCloud Hybrid Service hits Europe

VMware acknowledges that US government can still get hold of data that is held in European data centres through Patriot Act

Virtualisaiton giant VMware is to build data centres in Germany and France, following the launch of its vCloud Hybrid Service in Europe.

The company had already made clear its intention to build several data centres in Europe to satisfy data privacy legislation across the EU and to allay any fears customers have over data location, at VMworld Europe 2013.

However, it did not state exactly where its data centres would be based, aside from that it would open up its first data centre in Slough in the UK.

In an interview with Computing, Gavin Jackson, VP and general manager of VMware's cloud services EMEA, explained that VMware had put a lot of work into ensuring that it can adhere to data privacy legislation in different countries - and that France and Germany are the next likely destinations for data centres to be built.

"For some like the Netherlands, the laws are very relaxed, while for others like Germany, they are pretty strict. So in terms of a strategy, we look at where our biggest clients are and where the most clients are, and the UK, Germany and France stand out by a country mile," he said.

Jackson stated that there are other emerging markets like Russia and Switzerland which VMware is also considering, but said that "Germany and France are hot on our radar".

Jackson claimed that it was always VMware's intention to "get as close to the customer as possible", suggesting that the strategy to build data centres was not borne out of customers being more wary of data privacy since the NSA-Snowden revelations.

He said that the NSA leaks "hadn't hindered VMware at all", but that customers are not yet completely aware of the distinction between the powers of the NSA and the US Patriot Act.

"Customers are not aware, there is a lot of scaremongering and not a clear distinction between the Patriot Act and NSA. Most customers have got over the Patriot Act because it is mostly for criminal activity and is legislated, whereas the NSA stuff is not something you can legislate to; customers need to be educated that there is a distinction between the two," he stated.

Jackson also acknowledged that building datacentres in Europe will still not stop the US government from being able to get hold of data through the US Patriot Act, but he said it would make it a lot harder for it to do so.

"We will be operating under local legal rules, so it would be much harder for [the US authorities] to ask for it, they need to know what they are looking for. So we can harden ourselves to a degree but as an American company we have to adhere to our federal governors," he claimed.

"Then it is about how much is it we share, and our policy is to share the bare minimum, and what we have as an ability to share is metadata, so it's data on who our customers are, and how many VMs they have and how much storage they have. Beyond that, they don't have access to the database. So there is nothing deeply private they can access that we can hand over on subpoena," he added.