Electronic eavesdropping by the NSA (and, likely, other agencies of the federal government) has broad implications for law and civil liberties, but it also has economic effects—particularly on the IT industry. Specifically, U.S.-based cloud service providers are suffering in their business with foreign clients as a result of the recent revelations of broad government spying. Such detrimental effects, however, may be just part of a larger drag on the cloud/Internet as a social and business medium.
U.S. Cloud Revenue to Suffer
Summarizing the situation, a report by the Information Technology & Innovation Foundation (ITIF) entitled How Much Will PRISM Cost the U.S. Cloud Industry states, “The U.S. cloud computing industry stands to lose $22 to $35 billion over the next three years as a result of the recent revelations about the NSA’s electronic surveillance programs.” In particular, the damage will center on business between U.S. providers and foreign clients, who may not want their data subject to the kinds of secret programs that the NSA’s Prism represents.
The report’s estimates regarding potential losses of U.S. business to offshore competitors range from 10% of the foreign market (about $22 billion in revenue from 2014 to 2016) to 20% (about $35 billion). The U.S. share of the foreign market for cloud services is forecast at roughly 80% in 2014, down from a hypothetical forecast of 85% absent revelations of the Prism spying program.
These numbers represent a tremendous loss in potential business, as Gartner predicts global spending on cloud computing will double by 2016, compared with just 3% growth for overall worldwide IT spending. And as Europe and Asia aim to better compete in the cloud, unbridled spying by the U.S. government becomes marketing leverage, particularly for clients that want to protect sensitive information.
Spying Programs Hampering an Open Cloud/Internet
Even if you believe President Obama’s recent statement that “We don’t have a domestic spying program,” the surveillance at a minimum extends to (likely all) communications originating from or destined for foreign locations. Clearly, as the ITIF report emphasizes, the result in the IT sector is a net detriment, with potentially billions in lost revenue (and, ironically, lost taxes for the financially underwater government). But it also reinforces a barrier between the U.S. and the rest of the world that is reminiscent of the Iron Curtain—an intangible wall (or quite tangible, in the case of the Berlin Wall) between the Soviet bloc and the rest of the world.
To be sure, some of the circumstances of the U.S. relative to the erstwhile Soviet Union are different, but the resounding irony of Russia granting temporary asylum to U.S. whistleblower Edward Snowden is unmistakable. Furthermore, attempts to limit travel through revocation of U.S. passports (as has been done to Snowden) create more of an impression of a wall that aims as much to keep people in as to keep them out. Calls to revoke even U.S. citizenship in some cases are also increasing in frequency—a dangerous tool in light of the nation’s policy toward so-called enemy combatants (an ambiguous phrase that could encompass any number of persons posing real or perceived threats).
The result in terms of the cloud (and/or Internet, depending on how these terms are defined) is the slow introduction of a digital national border that discourages interaction with foreign companies and individuals. This border may or may never become official, but the unblinking eye of agencies like the NSA combined with highly aggressive foreign policy makes the U.S. a less palatable place to do business—or as a waypoint for sensitive data. In a similar vein, many offshore financial institutions want little or nothing to do with American citizens owing to regulatory and investigative problems that the U.S. government has posed over the last decade or so.
And the list of hassles goes on, including the Patriot Act—a story that IDC flubbed up in late 2012. Reassurances that “end users’ concerns over foreign governments’ access to cloud data, particularly data stored in the U.S., are misplaced” were blown away this year by Snowden’s disclosures. IDC went on to say, “Many critics of cloud services say that the Patriot Act gives U.S. government agencies unprecedented access to information stored in the cloud. This concern is often heightened because the vast majority of leading cloud vendors are U.S.-based.” But the surveillance dragnet in the U.S.—even the parts that have been revealed and not just suspected—is too broad to continue accepting such reassurances. “Users need to ignore the Patriot Act scare stories.” Indeed.
But Is the Cloud Safer Elsewhere?
A legitimate question is whether NSA spying is a serious downside or just a marketing tool for foreign cloud providers. In particular, are foreign governments truly less invasive than the U.S. with regard to their surveillance programs? The U.S., thanks to its enormous federal budget and historical technology lead, may have the upper hand in sophistication and scope, but thinking that other governments don’t aspire to the same level of Orwellian voyeurism is naïve at best. So, to be fair to the U.S., other countries likely pose similar challenges with regard to privacy and data protection, although they may lack the same fervor and security-at-all-costs (or control-at-all-costs) mindset that drives many of these programs. But image is everything, and currently, the U.S. is the current target of anti-surveillance sentiment.
Growing suspicion among nations could potentially lead to a much less “open” Internet or cloud, where physical borders become digitized, thus creating more limits (whether legal or de facto) to business and other foreign interactions. To some extent, this may be natural: although English is the dominant language of the world (in influence, at least), there’s no reason to expect it to stay that way. How often do you visit websites or patronize businesses that don’t use it (or whatever your native language)? On the other hand, large multinational companies may exert their influence to maintain openness with regard to trading, particularly since they will have the resources to serve many cultures.
NSA spying hurts the image of the U.S. and will likely put a dent in the revenue of U.S.-based cloud providers. But some of that harm may be unwarranted given that many (if not all) other nations are no doubt pursuing their own domestic and foreign surveillance programs, although they may be less sophisticated. Unfortunately for U.S. providers, however, Edward Snowden’s revelations give foreign cloud service companies a marketing gimmick to lure business. And indeed, in some cases, the political climate of other countries may be (for the time being) more conducive to data privacy than the U.S.; in such cases, the marketing gimmick is a real draw.
For the U.S., however, its denial of spying programs (followed by reluctant admission) is a serious blow to its credibility, and IT companies will suffer for it. Whether policy will continue to build a virtual wall between insiders and outsiders remains to be seen, but for now, the damage may already be done for cloud providers.
Image courtesy of ElectronicFrontierFoundation