What’s the future of GAIA-X?
Ambitious initiatives that, in their early stages, are pushed with excitement in the media and discussed on the political stage, unfortunately have put themselves through some criticism quickly. As much as we wished to report on a new super-competitor in the public cloud market that sets exemplary privacy and regulatory standards while at the same time being able to measure up with the the hyperscalers on a technical level, we must pump the brakes on the hype. GAIA-X still doesn’t have the hoped-for comprehensive relevance in the productive day-to-day life of European companies. In the meantime, the expectations have – fortunately – shifted away from it becoming a true alternative to the hyperscalers: Gaia-X should now rather build a standard framework, that fits both the European data strategy and its implementation. In this regard the initiative is on a good path, albeit quite theoretical.
Although it isn’t appropriate to jump onto the wagon of blanket criticism and bury the initiative due to its lack of impact so far, it is maybe worth having a differentiated debate over the actual situation – giving it a try.
Where does GAIA-X stand today?
GAIA-X (and all the concomitant projects that started in this context), venture into a land that European companies had promptly left in the hands of US-based corporations long ago. Both the IT providers’ aspirations of launching a true hyperscale-cloud in Europe and the users’ highly acclaimed “Cloud First” strategies were fuel to the fire of Amazon Web Services, Google, or Microsoft Azure.
In Europe, the GAIA-X project should have started as a resolute counter-initiative, yet it turned into more of a unification attempt. In the meantime, the hyperscalers are part of the consortium, but the exact extent of their contribution isn’t clear yet.
The foundation for the development of the European infrastructure could be laid down since November 2020, when the first big GAIA-X conference took place. Simultaneously, connections with other initiatives within the European Data Sovereignty, such as the International Data Spaces (IDSA), intensified. The IDSA’s CEO, Lars Nagel, is now also an active supporter of the GAIA-X Leadership Team: this collaboration, mostly symbolic, simultaneously makes the planned distribution of tasks for the projects much clearer. While GAIA establishes the technical framework, the infrastructure, i.e., the “Public Cloud” offer or the Cloud platform, the European standards provide the relevant aspects for data protection.
Thus GAIA-X must no longer be the pivotal point of a data protection-compliant infrastructure but can rather take over more technical tasks.
The results, however, are still to be seen: not a single line of code has been written for the basic services as well as for the underlying services of the “Cloud Platform”. At the latest GAIA-X conference there were first examples of a reference architecture for a smart contract based on which there can be an exchange of data spaces, yet this is still far from being a real beta-product. Simultaneously, there are only 7 blog entries, only one of which dated 2021.
In order to provide some initial support to the use cases, at the moment there is a total active volume of at least €190 million. Should the published schedule (in this case) be maintained, the submitted sketches will have been under review since May 7th in order to provide, in a further step targeted by Autumn 2021, an additional funding of up to €15 million to the most promising projects.
Google Trends Comparison – GAIA-X vs. the Hyperscalers
Compared to the Hyperscalers and even though GAIA-X is quite present in the media, it is far away from public interest of Google, AWS or Azure.
Considering that GAIA-X is not particularly transparent there, either, it is not easy to determine how great of a response there has been around this funding competition. In spite of the lack of answers, stats from Google search results highlight at least that there is a ranking in the German internet users’ interest in GAIA-X compared to its main competitors – the US hyperscalers. AWS and Azure generate a much stronger interest among German internet users, as well as among corporate decision-makers.
Of course, GAIA-X doesn’t have to attain those levels of hype, but the backing of real projects carried out with renowned companies (and not just with their name under a certificate of foundation) is a key success factor. Thus, if all the GAIA-X member companies and the IDS ran part of their workload on this infrastructure, there would immediately be a significant volume of more attractive services on this architecture.
What can GAIA-X promote?
The fact that in Europe and, more specifically, in the German-speaking area, many companies haven’t as of today decided to start their Cloud-transformation, is at least one element that gives GAIA-X a reason to exist.
Many companies have initiated their first pilot projects in the public cloud, using more and more open-source tools within the scope of the Cloud Native Computing Foundation and industriously modernizing their IT infrastructure. However, not many have progressed to the point where the public cloud performs a critical portion of their business workload. The uncertainty and the resentment against the United States-based public clouds are still there. Nevertheless, even though many companies that have already made that step forward have successfully proven that a sustainable business strategy based on modern software can build digital business models and an agile process culture, the potential for development remains immense.
There are still many use cases and even branches that, as of today, are not even on the map when it comes to cloud and true digital innovation. And as long as in theseareas “digital” is still a real random innovation and a one-off, it only makes sense for a new architecture that can make everything more compliant, safer and better to be the right path.
What use cases are actually there?
The most GAIA-X use cases stagnate at a theoretical levels or smolder with a small flame on the background of member companies. But which use cases do actually fit the architecture? With the categorical exclusion of a data infrastructure outside the limits of the European soil and legal area, the large corporations are de facto left out.
In this way, GAIA-X protects an already decreasing number of use cases that can take place purely in Europe.
However, one of the most promising areas of application is the industry — as long as the production takes place in Europe. There are certainly worthwhile ideas here to keep the “hidden champions” in Europe. For example, production plants can be networked with one another, and capacity bottlenecks can be absorbed via the distributed network. Theoretically goods can be produced at any given location, provided the machinery is designed for this purpose. The specifics of each part, as well as the orders, would then be stored in the GAIA-X cloud and produced where they are needed. If, during this, it was also possible to control production in such a way that the logistical processes of delivery are supported and not driven into great chaos, there would be considerable advantages for all parties.
The public administration is the evergreen example for GAIA-X, and it is in fact also one of the most feasible. Many administrations are setting up new island solutions in a very unique bubble of IT infrastructure and digital technology, and these solutions don’t really follow a modern technical standard and are not yet deeply integrated with one another. What they do have in common, however, is the conformity with data protection law and the emulation of the advantages of the real public cloud. The integration and orchestration of the services, however, is still a titanic task that only few administrations and providers of specialized processes can truly carry out.
Regional data hubs are a big role model in the public sector. Here, GAIA-X seems to be extensively established – as long as it can meet the standards. Tourism, mobility, health, industry and co. should be better interconnected in order to give both citizens and companies the chance to access a bigger amount of data. If this succeeds, responsibly and in compliance with a common standard, it will create an incredible day-to-day life potential that would also and undoubtedly work with the technical possibilities of the public or the private cloud with part of the US-based providers, without necessarily needing them in practice.
Is there a reason for GAIA-X to exist at all?
This brings us back to the initial question about GAIA-X – is this well-intentioned initiative really the right approach or actually a great shame for Europe from start to finish?
While the cloud hyperscalers happily align themselves with the other technology giants of the private cloud and data center world as well as with the cloud native community in order to get closer to the use cases of the companies, GAIA-X is literally dealing with itself and has itself among its own ranks of critics.
In contrast with an agile world, that thanks to “Cloud Native” is supposed to transition in autopilot into an innovation journey, GAIA-X is the prime example of an “anti-agile” approach. Discussions to the last detail, dwelling at planning level and unfortunately, as of today, no one that is truly in condition to reignite the initial spark, all stand in stark contrast to the pursuit of automation, digitalization, networking, and innovation. Everyone should be alarmed if even the main actors of the Telekom Group express justified criticism, because this group in particular hasn’t always been able to convince users due to wrong decisions in things regarding the public cloud, missed opportunities and delayed projects. Now they are the ones pointing out shortcomings elsewhere.
Also, other members of GAIA-X or of the automotive subsidiary Catena-X are actually presenting the initiative publicly, because the VW-group, which backs Catena-X as a big sponsor, is intensively reinforcing its partnerships with Amazon Web Services and Microsoft Azure in order to automate its own production and get its a foot in the door of autonomous driving. The belief in the effectiveness of Catena-X should thus be debunked. Real confidence looks different. In this way, today’s public cloud players will determine the infrastructure market of the future. Rulinslike Schrems II tend to somewhat limit sudden growth in Europe. Practice shows, however, that supposedly clear rulings provide everything but clarity. US public clouds are still somehow a little bit allowed, a little bit banned and, in the end, always technically superior. At the latest, when companies become mature enough to read the applicable rules and regulations themselves and to start working with encryption technologies, they will simply deny US authorities the access to their data. When that happens, the very serious promises and evidence of the hyperscalers’ willingness to comply with the applicable data protection regulations and standing up to the USA could prove to be a lie – in fact, data protection compliance would largely be observed.
Future scenarios – a niche cloud or a new direction?
There is a reason for the lack of a noteworthy public cloud in Europe: while here everything turns into debate and paperwork, elsewhere things are simply and successfully translated action.
This way actors keep repositioning themselves. GAIA-X introduces new privacy rules every participant has to follow (no updates as of today), and 1&1 outsources again its IONOS cloud unit in order to try setting up a successful German PaaS offer for the third time. The point of failure never was at the vision or even at the theoretical, technical activities – it was at bringing the initiatives to completion.
All of this hasn’t been, as of today, enough of a warning for GAIA-X – the patient keeps getting pumped with stimulants and medication, for we must not surrender hope.
GAIA-X will most likely never be more than a niche cloud. This means also that the decision-makers should at least keep the initiative on their mind. Because there may be individual, exciting use cases that neither change the world nor its value creation in the long term but that could promise an advantage for them.
On the other hand, the project could be reorganized and steered in the right direction. Following the example of the GDPR, that in spite of not having made everything better has nevertheless claimed status and name as a global model for data protection, GAIA-X could also make sure that these global standards are put into practice.
For instance, GAIA-X could in future become a sort of privacy-PaaS layer that can be deployed on all cloud hyperscalers. Depending on the configuration, the providers’ popular platform services can continue to be used along with infrastructure services. This way the technical advantages, the elasticity and the scalability of the hyperscalers are used and the data issues are clarified more clearly at the same time. This would make GAIA-X not just a concept or an optional framework, but a technology with wide reach in and outside of Europe.
However, this will not work as a new alternative to the existing market powers. Rather, GAIA-X should accept that the market for cloud platforms is here to stay and that there is no chance of entering it. To create continuous improvements, more standards and viable options for how data exchange in hybrid clouds should work, to develop new components and PaaS services that support such use cases or simply to ensure more transparency and competence at a table with the providers, would be far more desirable than to keep putting a lot of money into a suicidal mission.
Instead, the EU should clearly communicate its requirements for the public cloud and leave it up to the market to decide whether a GAIA-X initiative or the hyperscalers better meet them. In terms of data sovereignty at IaaS level, this is already possible today. Here, completely isolated areas can be created on Azure, GCP or AWS using encryption – analogous to a GAIA-X node. Banks, such as Deutsche Bank on the Google Cloud, are already successfully using it.
If Europe, and explicitly Germany, stall on GAIA-X, this would block the work with the hyperscalers, thus reducing their weight in the EU. However, this also means that the requirements of the EU and European companies (for example administrating exclusively from the EU region without possible data transfer to the USA) will become less and less important for the hyperscalers. Ultimately, the EU is completely dependent on itself. A nightmare for digital ambitions in an increasingly global culture.