by Trevor Timm
Privacy may not be the only casualty of the National Security Agency's massive surveillance program. Major sectors of the US economy are reporting financial damage as the recent revelations shake consumer confidence and US trade partners distance themselves from companies that may have been compromised by the NSA or, worse, are secretly collaborating with the spy agency. Member of Congress, especially those who champion America's competitiveness in the global marketplace, should take note and rein in the NSA now if they want to stem the damage.
The Wall Street Journal recently reported that AT&T's desired acquisition of the European company Vodafone is in danger due to the company's well-documented involvement in the NSA's data-collection programs. European officials said the telecommunications giant would face "intense scrutiny" in its bid to purchase a major cell phone carrier. The Journal went on to say:
"Resistance to such a deal, voiced by officials in interviews across Europe, suggests the impact of the NSA affair could extend beyond the diplomatic sphere and damage US economic interests in key markets."
In September, analysts at Cisco Systems reported that the fallout "reached another level," when the National Institute of Standards and Technology (NIST) told companies not to use cryptographic standards that may have been undermined by the NSA's BULLRUN program. The Cisco analysts said that if cryptography was compromised "it would be a critical blow to trust required across the Internet and the security community."
This forecast was proven true in mid-November, when Cisco reported a 12 percent slump in its sales in the developing world due to the NSA revelations. As the Financial Times reported, new orders fell by 25 percent in Brazil and 30 percent in Russia and Cisco predicts its overall sales could drop by as much 10 percent this quarter. Cisco executives were quoted saying the NSA's activities have created "a level of uncertainty or concern" that will have a deleterious impact on a wide-range of tech companies.
It is hard for civil libertarians to shed tears over AT&T losing business because of NSA spying, considering the company allowed the NSA to directly tap into its fiber optic cables to copy vast amounts of innocent Americans' Internet traffic. AT&T was also recently revealed as having partnered with both the DEA and the CIA on separate mass surveillance programs. It is also hard to feel sorry for Cisco, which stands accused of helping China spy on dissidents and religious minorities. But the fact that the spying is hurting these major companies is indicative of the size of the problem.
This summer, European Parliament's civil liberties committee was presented with a proposal to require every American website to place surveillance notices to EU citizens in order to force the US government to reverse course:
"The users should be made aware that the data may be subject to surveillance (under FISA 702) by the US government for any purpose which furthers US foreign policy. A consent requirement will raise EU citizen awareness and favour growth of services solely within EU jurisdiction. This will thus have economic impact on US business and increase pressure on the US government to reach a settlement." [emphasis ours]
Meanwhile, Telenor, Norway's largest telecom provider has reportedly halted its plans to move its customers to a US-based cloud provider. Brazil seems to be moving ahead to create its own email service and require US companies locate an office there if they wish to do business with Brazilian customers.
Laws like this mean that companies like Google "could be barred from doing business in one of the world's most significant markets," according to Google's director for law enforcement and information security at Google, Richard Selgado. Google has been warning of this as far back as July, when in FISA court documents it argued that the continued secrecy surrounding government surveillance demands would harm its business.
Many commentators have been warning about the economic ramifications for months. Princeton technologist Ed Felten, who previously at the Federal Trade Commission, best explained why the NSA revelations could end up hurting US businesses:
"This is going to put US companies at a competitive disadvantage, because people will believe that U.S. companies lack the ability to protect their customers--and people will suspect that U.S. companies may feel compelled to lie to their customers about security."
The fallout may worsen. One study released shortly after the first Edward Snowden leaks said the economy would lose $22 to $35 billion in the next three years. Another study by Forrester said the $35 billion estimate was too low and pegged the real loss figure around $180 billion for the US tech industry by 2016.
Much of the economic problem stems for the US government's view that it's open season when it comes to spying on non-U.S. persons. As Mark Zuckerberg said in September, the government's position is"don't worry, we're not spying on any Americans. Wonderful, that's really helpful for companies trying to work with people around the world." Google's Chief Legal Officer David Drummond echoed this sentiment last week, saying: