Exit ability is the whole point of these mandates, whatever the competition framing says. Without a credible way to leave, a buyer has no real leverage over a hyperscaler’s resilience or security decisions, and Singapore has no DMA to pry that open, so the lever here has to be procurement: contractual exit paths that someone has actually tested, not the architecture-diagram version of multi-cloud that falls apart the moment you trace where the data really sits. I’d watch the second-order effect closely, because every portability and interoperability interface these providers are now forced to build is a new standardised egress path, and standardised egress serves lawful exit and quiet exfiltration equally well.
Exit ability is the whole point of these mandates, whatever the competition framing says. Without a credible way to leave, a buyer has no real leverage over a hyperscaler’s resilience or security decisions, and Singapore has no DMA to pry that open, so the lever here has to be procurement: contractual exit paths that someone has actually tested, not the architecture-diagram version of multi-cloud that falls apart the moment you trace where the data really sits. I’d watch the second-order effect closely, because every portability and interoperability interface these providers are now forced to build is a new standardised egress path, and standardised egress serves lawful exit and quiet exfiltration equally well.