The federal government stands accused of sending blended messages about its dedication to positioning the UK as a expertise superpower, after publishing steerage that can pave the way in which for extra public sector our bodies to host their workloads and purposes in abroad cloud environments.
The Division for Science, Innovation and Expertise’s (DSIT’s) abroad information steerage dropped on 5 February 2025, and states that public sector organisations can use cloud providers which can be hosted in datacentres exterior of the UK for “resilience, capability and entry to innovation” causes.
This aligns with the steerage’s broader advice that public sector our bodies undertake a “thought of and managed” multi-region strategy to internet hosting their purposes and workloads, which is appropriate with UK legislation.
“Beneath the federal government’s cloud-first coverage, organisations ought to take into account the most effective place to retailer and course of information as non-UK providers may be less expensive, extra sustainable or have extra options out there, in addition to present another location for catastrophe response plans,” the four-page DSIT steerage doc said.
This steerage is designed to “reinforce current laws” and doesn’t represent a change in coverage, stated DSIT, with the organisation stating that some public sector our bodies can have been storing information abroad for greater than a decade. “Authorities has had a cloud-first coverage since 2013, [and] this predates most of the UK areas from the cloud distributors and due to this fact organisations might have already hosted information [classified as] ‘Official’ in abroad areas,” the steerage said.
That is regardless of the Authorities Safety Classification Coverage (GSCP) having, till an replace in June 2023, tight restrictions relating to the usage of non-UK cloud providers, Owen Sayers, an enterprise architect with greater than 20 years’ expertise in delivering nationwide policing methods, advised Pc Weekly.
“It’s clear this [DSIT] steerage acknowledges that regardless of these restrictions, the UK authorities has pushed loads of important eggs into these offshore cloud platforms, and it ought to be clear that this was finished regardless of the [GSCP] coverage saying not to take action,” stated Sayers. “The [government’s] strategy now appears to be that ‘we’re the place we’re’ and to double down on persevering with to take action.”
The prevalence of abroad datacentre use
It’s tough to say with any certainty how prevalent the usage of abroad datacentres might have been by public sector our bodies as much as the purpose of DSIT’s steerage popping out.
The cloud-first coverage, in the meantime, is remitted throughout central authorities and credited with accelerating adoption of off-premise applied sciences all through Whitehall since its introduction in 2013.
In different elements of the general public sector, the place organisations are merely strongly inspired to observe the cloud-first coverage, anecdotal studies recommend it has had a much less potent influence.
What we do know is that the quantity of public sector information saved on cloud servers owned and operated by firms with the potential to host it abroad markedly elevated following the opening of UK datacentres by public cloud giants Amazon Internet Companies (AWS) and Microsoft in late 2016.
Within the wake of that growth, numerous home UK cloud suppliers noticed a marked downturn in demand for his or her providers, as public sector patrons jumped ship and migrated over to AWS and Microsoft.
Proof of that may be seen within the authorities’s Digital Market figures, which doc the quantity of cloud spend transacted by the general public sector G-Cloud procurement framework.
Its figures present that AWS had secured simply £2.93m in the course of the 57-month interval between the framework making its debut in March 2012 and Amazon opening its first UK datacentre area in December 2016. Within the 57 months after AWS opened its UK datacentre, the corporate had banked £149m in G-Cloud gross sales. To-date, AWS has accrued £1.1bn in public sector spend by G-Cloud.
G-Cloud gross sales information
Microsoft’s G-Cloud gross sales information follows the same pattern, with the corporate making a modest sum of money from the framework earlier than the opening of its UK datacentre in September 2016.
On the time, the corporate’s UK cloud area was spoken about by Microsoft representatives within the nationwide press as permitting public sector our bodies to make use of its cloud providers whereas guaranteeing their information stays within the UK.
Nevertheless, reporting by Pc Weekly revealed in the summertime of 2024 a disclosure by software program big Microsoft that it couldn’t assure the sovereignty of policing information saved in its public cloud.
On the time, the corporate declined to touch upon whether or not it may assure sovereignty for different types of public sector information, prompting questions on how a lot of the UK authorities’s IT property might have already been offshored to abroad datacentres.
In mild of the Microsoft disclosures, what makes the DSIT steerage “exceptional” in Sayers’ view will not be the truth that it would result in elevated utilization of abroad cloud compute sources by the general public sector.
“We all know they’ve been doing that for years, however what makes this a exceptional piece of steerage is that it particularly says ‘don’t purchase British if you will get it cheaper elsewhere’, and ‘when you search innovation, you’ll most likely have to hunt it elsewhere”, he stated.
It’s not tough to see why Sayers would come to that conclusion, given the steerage doc’s opening line reads: “So as to present resilience, capability and entry to innovation, organisations may have to make use of cloud and software-as-a-service options exterior of the UK.”
What makes this admission all of the extra startling for Sayers is that it comes scorching on the heels of a run of presidency bulletins about its plans to rework the UK right into a expertise superpower, with specific emphasis on constructing out the nation’s experience in synthetic intelligence (AI).
Motion plan
The UK authorities’s 50-point AI alternatives motion plan, which dropped in mid-January 2025, encompasses a dedication to constructing sovereign AI capabilities within the UK by huge investments in creating supercomputing amenities that can improve the nation’s high-performance computing (HPC) capability 20-fold by 2030.
The motion plan additionally encompasses a authorities dedication to develop a long-term compute technique to make sure the UK has the datacentre infrastructure capability it wants to grasp its AI ambitions, and units out an intention to create so-called AI development zones throughout the nation.
These zones can be sited in specifically designated elements of the UK which have “enhanced entry to energy and assist for planning approvals”, as detailed within the motion plan doc, as a part of a broader push by the federal government to fast-track UK datacentre developments.
How do these commitments sq. with the steerage’s contents that public sector organisations is likely to be higher off making use of abroad datacentres, requested Sayers.
One other a part of the steerage states that “not all areas from a cloud supplier are equal”, with some providing higher pricing, a wider vary of providers, entry to extra compute capability, or enhanced uptime and resiliency. In DSIT’s view, because of this public sector organisations shouldn’t be limiting themselves to utilizing UK-based cloud areas.
“The federal government is sending out blended messages right here, as a result of the Prime Minister, Chancellor and the DSIT ministers are all selling the UK as a frontrunner of innovation and synthetic intelligence, whereas this piece of steerage says you’ll most likely must go abroad to search out that,” continued Sayers.
British provider backlash
It’s not simply Sayers who feels that approach, as Mark Increase, CEO of UK-based cloud providers supplier Civo, described the DSIT steerage as dangerous information for the UK economic system, whereas additionally mentioning how contradictory it reads within the wake of the UK’s latest run of AI bulletins.
“This steerage from the federal government is dangerous for British enterprise, dangerous for the UK’s economic system, and worse for presidency departments,” he stated.
“DSIT says it desires to champion the UK’s fast-growing tech market, however is seemingly discouraging public sector our bodies from selecting British companies. As an alternative, it’s channelling taxpayers’ hard-earned money offshore and additional disincentivising tech funding into the UK.
“Over time, we’ve given away so lots of our industries,” stated Increase. “Now, on the point of one other industrial revolution, the federal government appears intent on doing the identical with AI. This isn’t solely incorrect, however probably harmful.”
Boosting competitors
In an announcement saying the steerage’s roll-out, DSIT stated supporting public sector organisations with transferring extra of their information out to abroad datacentres will increase competitors and produce about IT resiliency advantages, with out compromising the UK’s strict information and safety protections.
Nevertheless, these assurances don’t maintain a lot sway with Increase. “The steerage might make gestures at satisfactory information safety and safety practices, however the truth is that if an organisation is processing its information on international soil and transferring it throughout borders, then that information may be topic to international legal guidelines.”
“For presidency departments dealing with delicate information – together with on well being and nationwide safety – that is an unacceptable degree of threat,” he stated.
The place DSIT will get proper with its steerage is the place it talks in regards to the want for public sector organisations to construct multi-region resiliency into their cloud deployments to make sure uptime for important methods, stated Increase.
“However there are many suppliers within the UK who may fulfill this,” he stated. “We now have a thriving ecosystem of cloud suppliers who’re starting to supply totally sovereign options for each the private and non-private sectors.”
And what these suppliers want is the complete assist of the federal government, fairly than steerage advising public sector IT patrons to look abroad to entry the cloud computing providers they require.
“The federal government ought to be supporting British enterprise and investing in our sovereign capabilities, boosting our resilience by nurturing an ecosystem of homegrown suppliers,” stated Increase. “As an alternative, they appear to be encouraging public our bodies to look elsewhere on the expense of our information safety, and our tech economic system.”
Nicky Stewart, senior adviser to the Open Cloud Coalition, which champions competitors within the public cloud market, advised Pc Weekly she agrees with the steerage’s view that public providers are being held again and made much less resilient by poor expertise.
What she is much less satisfied about are the aggressive advantages being touted by DSIT in its steerage. In her opinion, if the federal government has competitors considerations about cloud, it ought to be appearing as a substitute on addressing the purple flags raised by the Competitors and Markets Authority (CMA) in regards to the maintain the US hyperscalers have on the UK cloud market.
“We agree [with the government] that public providers are being held again and made much less resilient by poor expertise [and] one of the simplest ways to repair the state of affairs is to behave on anti-competitive practices recognized by the CMA,” she stated. “A extra aggressive market will foster innovation, funding and job creation, and finally drive long-term worth for the general public sector, and for taxpayers.”
Pc Weekly contacted DSIT for a response to the feedback made on this story, notably about what the steerage alerts in regards to the power of the federal government’s dedication in the direction of supporting homegrown cloud suppliers.
In response, a DSIT spokesperson stated the federal government is “totally dedicated to fostering a aggressive and resilient cloud market” that “helps each home and worldwide suppliers” and considers the nation’s datacentre sector to be a key part of the UK’s digital economic system.
“We’re actively driving development by attracting world funding, with billions already secured for datacentre growth and enlargement, enhancing each infrastructure and nationwide safety,” the spokesperson added.
“Utilizing abroad datacentres strengthens total resilience, and our multi-region cloud steerage provides public sector organisations the pliability to pick the most effective cloud internet hosting options – whether or not that’s within the UK or abroad, prioritising efficiency, value and reliability whereas guaranteeing safety and compliance.”
