Another NSA strike against USA tech biz

In July, I wrote a blog post quoting a CSA (Cloud Security Alliance) survey which found that 10% of 207 officials at non-US companies have canceled contracts with US service providers following the revelation of the NSA spy program in June.

Ten percent off the top? That was July. Back then, NSA whistleblower Edward Snowden promised further revelations on the US spy-agency's activities.

Now? As the Washington Post put it in a recent article: "Every week seems to bring another revelation about the National Security Agency's global panopticon. And each disclosure makes it harder to extend the agency the kind of trust and latitude that good intelligence work requires."

How bad is it?

The Washington Post is being kind. Accusations of NSA-spying have piled up hard, fast, and violent--like successive car crashes. It appears the three-letter-agency was tapping German Chancellor Angela Merkel's mobile phone...since 2002. Germans are so furious that some politicians have suggested that Europe's most prosperous country offer asylum to Edward Snowden.

But the latest accusation is catalytic. Documents provided to the Washington Post by Snowden claim the NSA infiltrated the overseas cloud networks through which Yahoo and Google move their petabytes of data, which includes users' e-mail.

"The NSA's snooping has infuriated US allies, and it may complicate trade negotiations with the European Union, wrote the Post. "US technology companies shouldn't be surprised if their products become less popular abroad with foreign customers fearful of surveillance, or if they're subject to far more stringent privacy regulations overseas. Foreign governments may also start requiring companies to store data collected about their citizens locally or taking other protectionist steps for which the NSA revelations provide convenient cover."

Loss of tech prowess

The USA has prided itself on its technological prowess--with good reason. Hotbeds like Stanford University (located in Silicon Valley) created services like Google. Apple in Cupertino makes consumer electronic devices that are the envy of the world. On the enterprise side, take your pick of large tech firms boosting the US economy and providing jobs--often to non-US citizens educated at US universities like Stanford who have proven their mettle (and often, become US citizens).

In a century where the USA must compete globally, the country has let a governmental agency intrude on the privacy of its own citizens and the world's citizens. And now US tech businesses are in the spotlight for all the wrong reasons.

This loss of the moral high ground is onerous. "Cybersecurity, where the US has singular expertise, is just the start. The State Department's efforts to promote freedom online will be harder to take seriously," wrote the Post. "Repressive countries seeking to tighten their control over Internet governance will be emboldened."

No one's talked about the "Arab Spring" for awhile--when activists using the Net helped overthrow regimes in northern Africa. Given the latest revelations, it's hard to imagine a US State Department spokesperson praising such actions with a straight face.

Google's CEO flips his wig

Back in July, I wrote about the "Safe Harbor Framework" between the US and Europe, which is intended to promote export US technological services. "[It was] launched in October 1998 [and] has always been at odds with the US Patriot Act, a piece of post-9/11 legislation that EU countries dislike--to the detriment of US business abroad," I wrote. "Now that it's clear that the NSA isn't concerned with EU standards of data privacy, Europeans are alarmed."

If they were alarmed in July, imagine how they feel now. And one non-European who's gone ballistic on this dodgy spying is Eric Schmidt, executive chairman of Google. In Hong Kong this week, Schmidt praised the HKSAR's "natively entrepreneurial" culture and ripped into the NSA.

"It's really outrageous that the National Security Agency was looking between the Google data centers, if that's true," Schmidt told The Wall Street Journal in an interview. "The steps that the organization was willing to do without good judgment to pursue its mission and potentially violate people's privacy, it's not OK."

Schmidt is correct: Hong Kongers have a natively entrepreneurial culture. And we also have the privacy commission and the PDPO. This makes the HKSAR a good place for datacenters, startups and technology-oriented businesses.

And he's equally correct when he spoke about the NSA's malfeasance: it's not OK.

Join the CSO newsletter!

Error: Please check your email address.

Tags securityU.S. National Security Agencygovernmentprivacy

More about AppleCSAEUGoogleNational Security AgencyNSAStanford UniversityWall StreetYahoo

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Stefan Hammond

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts