Updated Sustained violations of civil liberties at home and abroad? Yawn. The manifestation of Orwell's nightmares? Snooze. The potential loss of scads and scads of money? Egad, we should really do something about this!

That's the gist of a report published on Monday assessing the likely commercial fallout for the US cloud computing industry because of the NSA data-slurping revelations.

Spying by the NSA could cost the US cloud computing industry between $22bn and $35bn over the next three years, according to Washington think tank, the Information Technology and Innovation Foundation (ITIF), whose website happens to be down this Tuesday morning.

In a report entitled "How Much Will PRISM Cost the US Cloud Computing Industry?" ITIF analyst Daniel Castro predicts that "the disclosures of the NSA's electronic surveillance may fundamentally alter the market dynamics" for US cloud companies in Europe and elsewhere.

Non-US cloud companies have been able to sow fear, uncertainty, and doubt (FUD) about US clouds due to the data-slurping provisions in the USA PATRIOT Act, but the NSA revelations now give these cloud naysayers more ammunition than ever before.

Castro reckons US companies could lose out between 10 and 20 per cent of the foreign cloud market to European or Asian competitors by 2016.

The estimates are based on a Cloud Security Alliance survey that was conducted this June and July, which found that 10 percent of non-US resident companies had cancelled a cloud project due to NSA concerns, and 56 percent said they were less likely to use a cloud service. This combines with a few European cloud providers crowing about an uptick in subscribers plus overall numbers on the differing sizes of markets and projected growth rates to create ITIF's estimate.

Due to the clandestine nature of the cloud industry – Amazon, for example, submerges AWS revenue in a nebulous "other" category, and Microsoft has buried Azure so deep in its balance sheet its impossible to get a rough estimate on that cloud's revenue – making these predictions is difficult. "We don't have great data on what this could be," Castro tells The Register.

However, while writing the report Castro did speak with some cloud providers. "There's no one on the record that I want to quote in the paper, but I've heard anecdotally that companies are already hearing about this issue from clients," he says. Few companies want to be quoted publicly about this, though a month ago the chairman of cloud integration company SnapLogic did tell us that the spying revelations were "killing us in Europe."

To deal with the fallout and help US companies make more cash, the US government should declassify more information about the NSA spying programs, Castro suggests. Given the cognitive disconnect between the spy apparatus and declassification, we wonder how likely this is.

The fortunes of US cloud companies are, for the time being, cloudy. ®

Update:

When asked whether Amazon Web Services had detected any concern among its cloud customers, a spokesperson told us: "Amazon is not a participant in the [PRISM] program but I can tell you that the demand for AWS services worldwide, including Europe and Asia, has never been greater."

Huddle, a cloud-based collaboration platform, told us that it has been on buyers' minds, but co-founder Andy McLoughlin said via email: "Huddle... offers customers a choice of data domain in which to store their data; US or European. We think this will become increasingly important as customers become more sophisticated and data privacy laws become more complex."