Edward Snowden\u2019s unprecedented exposure of U.S. technology companies\u2019 close collaboration with national intelligence agencies, widely expected to damage the industry\u2019s financial performance abroad, may actually end up helping.<\/p>\n
Despite emphatic predictions of waning business prospects, some of the big Internet companies that the former National Security Agency contractor showed to be closely involved in gathering data on people overseas \u2013 such as Google Inc. and Facebook Inc. \u2013 say privately that they have felt little if any impact on their businesses.<\/p>\n
Insiders at companies that offer remote computing services known as cloud computing, including Amazon and Microsoft Corp, also say they are seeing no fallout.<\/p>\n
Meanwhile, smaller U.S. companies offering encryption and related security services are seeing a jump in business overseas, along with an uptick in sales domestically as individuals and companies work harder to protect secrets.<\/p>\n
\u201cOur value proposition had been that it\u2019s a wild world out there, while doing business internationally you need to protect yourself,\u201d said Jon Callas, co-founder of phone and text encryption provider Silent Circle, where revenue quadrupled from May to June on a small base.<\/p>\n
\u201cNow the message people are getting from the newspapers every day is that it\u2019s a wild world even domestically.\u201d<\/p>\n
PROPHESIES OF DOOM<\/p>\n
Shortly after Snowden\u2019s leaked documents detailed collaboration giving the NSA access to the accounts of tens of thousands of net companies\u2019 users, the big Internet companies and their allies issued dire warnings, predicting that American businesses would lose tens of billions of dollars in revenue abroad as distrustful customers seek out local alternatives.<\/p>\n
In a federal court filing last week, Google said that still-unfolding news coverage was causing \u201csubstantial harm to Google\u2019s reputation and business\u201d. The company said that could be mitigated if it were allowed to comment with precision about its intelligence dealings.<\/p>\n
Likewise, last month, six technology trade groups wrote to the White House to urge reforms in the spy programs, citing what it called a \u201cstudy\u201d predicting a $35 billion cumulative shortfall by 2016 in the vital economic sector.<\/p>\n
That number, it turns out, was extrapolated from a security trade group\u2019s survey of 207 non-U.S. members \u2013 and the group, the Cloud Security Alliance, had explicitly cautioned that its members weren\u2019t representative of the entire industry.<\/p>\n
\u201cI know you want sectors and numbers, but I don\u2019t have it,\u201d said Ed Black, president of the Computer & Communications Industry Association, one of the trade groups behind the letter. \u201cAnybody who tells you they do is making it up.\u201d<\/p>\n
The trade groups aren\u2019t the only ones issuing dismal, and headline-grabbing, forecasts.<\/p>\n
Forrester Research analyst James Staten wrote of the $35 billion figure: \u201cWe think this estimate is too low and could be as high as $180 billion, or a 25 percent hit to overall IT service provider revenues.\u201d<\/p>\n
Staten\u2019s comments generated dozens of media stories, some of which neglected to mention that Staten said the worst would come to pass only if businesses decided that spying was a bigger issue than the savings they gained from a shift to cloud computing.<\/p>\n
In an interview with Reuters, Staten said he didn\u2019t believe that would be the case. \u201cI don\u2019t think there\u2019s going to be a significant pullback,\u201d he said, though the rate of growth could slow for a couple of years.<\/p>\n
LITTLE IMPACT<\/p>\n
Google employees told Reuters that the company has seen no significant impact on its business, and a person briefed on Microsoft\u2019s business in Europe likewise said that company has had no issues. At Amazon, which was not named in Snowden\u2019s documents but is seen as a likely victim because it is a top provider of cloud computing services, a spokeswoman said global demand \u201chas never been greater.\u201d<\/p>\n
In the more than three months since Snowden\u2019s revelations began, no publicly traded U.S. company has cited him in a securities filing, where they are required to report events that are material to their business.<\/p>\n
One reason that the prophecies of business doom are getting such a wide airing is that both the U.S. industry and its overseas detractors have been saying the same thing \u2013 that customers will stop buying from U.S. cloud companies.<\/p>\n
Politicians in Europe and Brazil have cited the Snowden documents in pushing for new privacy laws and standards for cloud contracts and in urging local companies to steer clear of U.S. vendors.<\/p>\n
\u201cIf European cloud customers cannot trust the U.S. government, then maybe they won\u2019t trust U.S. cloud providers either,\u201d European Commission Vice President Neelie Kroes told The Guardian. \u201cIf I am right, there are multibillion-euro consequences for American companies.\u201d<\/p>\n
There have indeed been some contract cancellations.<\/p>\n
Charles Mount, chief executive of business file-sharing service OneHub, told Reuters that an automated system that asks customers why they have dropped the OneHub service elicited this reply from an unspecified Bertelsmann unit in Austria:<\/p>\n
\u201cHeadquarters is banning storage of company data in the U.S. or with U.S. companies altogether because of the NSA data-mining and industrial espionage. You should watch out for that. Maybe you should think about hosting in Iceland, Sweden or some other place known for complying with their own privacy legislation.\u201d<\/p>\n
Bertelsmann spokesman Christian Steinhof said the company couldn\u2019t confirm that the exchange had occurred and therefore wouldn\u2019t comment.<\/p>\n
FEW GOOD ALTERNATIVES<\/p>\n
There are multiple theories for why the business impact of the Snowden leaks has been so minimal.<\/p>\n
One is that cloud customers have few good alternatives, since U.S. companies have most of the market and switching costs money.<\/p>\n
Perhaps more convincing, Amazon, Microsoft and some others offer data centers in Europe with encryption that prevents significant hurdles to snooping by anyone including the service providers themselves and the U.S. agencies. Encryption, however, comes with drawbacks, making using the cloud more cumbersome.<\/p>\n
On Thursday, Brazil\u2019s president called for laws that would require local data centers for the likes of Google and Facebook. But former senior Google engineer Bill Coughran, now a partner at Sequoia Capital, said that even in the worst-case scenario, those companies would simply spend extra to manage more Balkanized systems.<\/p>\n
Another possibility is that tech-buying companies elsewhere believe that their own governments have scanning procedures that are every bit as invasive as the American programs.<\/p>\n
Some think it\u2019s just a matter of time, however, before U.S. industry suffers significantly.<\/p>\n
\u201cIndustry is still in denial,\u201d said Caspar Bowden, once the chief privacy officer at Microsoft and now an independent researcher and privacy advocate in Europe. \u201cIt\u2019s like Wile E. Coyote running over the cliff, his legs are still turning but he hasn\u2019t started falling yet.\u201d<\/p>\n
BOON FOR ENCRYPTION SECTOR<\/p>\n
As for the upside, so far only a minority of people and businesses are tackling encryption on their own or moving to privacy-protecting Web browsers, but encryption is expected to get easier with more new entrants. Snowden himself said that strong encryption, applied correctly, was still reliable, even though the NSA has cracked or circumvented most of the ordinary, built-in security around Web email and financial transactions.<\/p>\n
James Denaro, a patent attorney with security training in Washington, was already using Pretty Good Privacy (PGP), a complicated system for encrypting email, before the Snowden leaks. Afterward, he adopted phone and text encryption as well to protect client information.<\/p>\n
\u201cOne of the results we see from Snowden is an increased awareness across the board about the incredible cyber insecurity,\u201d Denaro said.<\/p>\n
Some early adopters of encryption have senior jobs inside companies, and they could bring their habits to the office and eventually change the technology habits of the whole workplace, in the same way that executive fondness for iPhones and iPads prompted more companies to allow them access to corporate networks.<\/p>\n
\u201cClients are now inquiring how they can protect their data overseas, what kinds of access the states might have and what controls or constraints they could put in with residency or encryption,\u201d said Gartner researcher Lawrence Pingree, formerly chief security architect at PeopleSoft, later bought by Oracle.<\/p>\n
Richard Stiennon, a security industry analyst and author, predicted that security spending will rise sharply.<\/p>\n
A week ago, Google said it had intensified encryption of internal data flows after learning about NSA practices from Snowden\u2019s files, and consultants are urging other big businesses to do the same.<\/p>\n
Stiennon said that after more companies encrypt, the NSA and other agencies will spend more to break through, accelerating a lucrative cycle.<\/p>\n
\u201cThey will start focusing on the encrypted data, because that\u2019s where all the good stuff is,\u201d Stiennon said.<\/p>\n
Already, in a fiscal 2013 federal budget request from the intelligence community published this month by the Washington Post, officials wrote that investing in \u201cgroundbreaking cryptanalytic capabilities\u201d was a top priority.<\/p>\n
NSA spying targeted Google: report<\/strong><\/a><\/p>\n Big brother is watching you<\/a><\/strong><\/p>\n Assange decries WikiLeaks film as \u201cmassive propaganda attack\u201d<\/a><\/strong><\/p>\n