All Tech Considered
Fri June 21, 2013
NSA Leak Could Be Bad Business For U.S. Tech Companies
Originally published on Fri June 21, 2013 5:11 pm
The disclosure of previously secret National Security Agency surveillance programs has left many Americans worried that the privacy of their personal data and communications is in jeopardy.
In an apparent effort to alleviate those concerns, a senior administration official said President Obama's Privacy and Civil Liberties Oversight Board is reviewing U.S. counterterrorism actions to ensure "that the need for such actions is balanced with the need to protect privacy and civil liberties."
For some American companies, the NSA revelations raise separate concerns. Their commercial fortunes could be at risk as a result of disclosures that the companies have been colluding with the U.S. government's sweeping data collection efforts.
"U.S. tech companies have been compelled by the U.S. government, under court order, to do things that really aren't in their shareholders' interest or in their customers' interest," says Jason Healey, director of the Cyber Statecraft Initiative at the Atlantic Council.
People around the world now know that these companies are turning over to the government some of the personal data they have gathered during the course of doing business. Their reputations may suffer as a result.
"The dream is over," says Richard Stiennon, an industry analyst who covers American technology companies. "The era of U.S. tech dominance in everything from servers to routers to the cloud is facing a crisis of confidence," Stiennon wrote in a recent column for Forbes magazine.
In an interview, Stiennon said he fears one reaction to the NSA revelations will be "to start pulling business away from U.S. tech companies."
Much is at stake. The World Economic Forum, in a report published more than two years ago, observed that personal data — information about likes and dislikes, travel and communications, friends and acquaintances — "is generating a new wave of opportunity for economic and value creation. ... As some put it, personal data will be the new 'oil' ... It will emerge as a new asset class."
The earnings of such companies as Google and Facebook make that prospect clear.
All that personal information, however, is also worth a fortune to intelligence and security agencies. The companies that gather personal data, therefore, almost inevitably get pulled into the surveillance business.
The U.S. government may be no more intrusive than other governments or less likely to regulate surveillance activities. A report issued last month by Hogan Lovells, a Washington- and Paris-based law firm specializing in privacy issues, concluded that U.S. law imposes "as much, if not more" oversight on surveillance as do laws in many European countries. But the reputation of U.S. tech companies may nonetheless be damaged.
"It wouldn't surprise me, it would be very rational, for foreign companies or individuals to just decide to try and avoid American cyberspace where they can," says the Atlantic Council's Healey.
Stiennon, the tech industry analyst, echoes that concern. "Russia and China years ago stopped using Microsoft in their governments and military," he points out. "What if that starts to spread around the world?"
In any case, the reactions to the NSA revelations in the United States are certain to reverberate around the world, especially those concerning the monitoring of Internet communications.
"An overwhelming proportion of Internet activity is still conducted through America or with American businesses," notes Malcolm Crompton, a former privacy commissioner in Australia who now heads his own privacy consultancy. "So the impact of an American legal framework and American transparency and accountability practices [around electronic surveillance] is disproportionately large."
The controversy over collusion between the NSA and U.S. tech companies will have additional consequences in the United States. Many U.S. companies work voluntarily as "trusted partners" with the U.S. government in a joint effort to counter cyberattacks. A question now is whether such collaboration will become more awkward.