Somehow, I think foreign organisations have always known or at least suspected and taken appropriate measures to guard against NSA/GHCB/Echelon/ASIO whatever evesdropping. Even terrorist organisations. Its just the you and me everyday saps that have just found out. And there's not much we can do about it.
I was talking to a potential client 2 days ago, they provide SaaS to a number of clients, and up until now this has always included data storage.
One of the projects we discussed involved, for a specific customer, moving data storage off the current (US based) server and onto their customer's servers in their own country.
Anecdotal, but still I am really small fish on the far edge of the world, I cannot imagine the reaction where the bigger fish are swimming.
The difference between 'suspected that our confidential data may be compromised by a third party if you believe all the conspiracy theories' and 'know absolutely that our confidential data is being compromised by a third party as we speak' turns out to be pretty big, and worth a lot to international companies who value the commercial value of their private data.
