Tech Giants To US: Stop Spying - InformationWeek
Mobile // Mobile Business
04:00 PM
Connect Directly
Faster, More Effective Response With Threat Intelligence & Orchestration Playboo
Aug 31, 2017
Finding ways to increase speed, accuracy, and efficiency when responding to threats should be the ...Read More>>

Tech Giants To US: Stop Spying

Apple, AOL, Facebook, Google, LinkedIn, Microsoft, Twitter, and Yahoo have asked the US government to limit its data gathering.

Eight technology companies have banded together to ask the US government to reform its surveillance policies and practices.

Apple, AOL, Facebook, Google, LinkedIn, Microsoft, Twitter, and Yahoo on Monday published an open letter to President Obama and members of Congress in which they state that recent revelations about the scope of NSA surveillance highlight "the urgent need to reform government surveillance practices worldwide."

The revelations in question, published over the summer in The Guardian and The Washington Post, were made possible by documents leaked by former NSA contractor Edward Snowden, who is living in Russia for fear of arrest by US authorities.

"The security of users' data is critical, which is why we've invested so much in encryption and fight for transparency around government requests for information," said Google CEO Larry Page in a statement. "This is undermined by the apparent wholesale collection of data, in secret and without independent oversight, by many governments around the world. It's time for reform and we urge the US government to lead the way."

The companies want governments to: set self-imposed limits on their data collection; seek data through intelligence agencies under a clear legal framework; be transparent about government information demands; not require service providers to use in-country infrastructure; and cooperate with one another when seeking data across jurisdictions.

[ Snowden: Hero or traitor? Read NSA Prism Whistleblower Snowden Deserves A Medal. ]

Although the documents provided by Snowden reveal the scope of NSA data collection, this isn't just about the reach of US intelligence agencies. As Forrester analyst James Staten wrote in August, "It's naive and dangerous to think that the NSA's actions are unique. Nearly every developed nation on the planet has a similar intelligence arm which isn't as forthcoming about its procedures for requesting and gaining access to service provider (and ultimately corporate) data."

For several of these companies, this letter adds weight to their ongoing litigation against the US government for permission to disclose the number of national security-related data disclosure orders they receive, which they cannot reveal under current law.

The Obama administration is currently reviewing US surveillance policy, following the initial outcry over the revelations and the subsequent finding that the US eavesdropped on foreign government leaders, friend and foe alike. The non-classified findings of the review are expected to be published in mid-December.

Each of the signatory companies stores data for customers. Much like banks, they depend on customer trust to remain stewards of customer data.

"People won't use technology they don't trust," said Microsoft general counsel and executive VP Brad Smith in a blog post. "Governments have put this trust at risk, and governments need to help restore it."

When the government has access to that data without legal process -- through bulk collection, for example -- and without the knowledge of the company storing the data, corporate assurances of data safety become less credible and customer trust erodes.

That erosion has an estimated cost: The Information Technology & Innovation Foundation (ITIF) has estimated that the US cloud computing industry could lose as much as $35 billion by 2016 from companies that balk at the prospect of unfettered US access to data service providers.

Forrester's Staten argues that the ITIF figure is too low. He said the US cloud computing industry stands to lose as much as $180 billion, or 25% of overall IT service provider revenues, by 2016.

The use of cloud technology is booming, often offering the only way to meet customers', employees', and partners' rapidly rising requirements. But IT pros are rightly nervous about a lack of visibility into the security of data in the cloud. This Dark Reading report, Integrating Vulnerability Management Into The Application Development Process, puts the risk in context and offers recommendations for products and practices that can increase insight -- and enterprise security. (Free registration required.)

Comment  | 
Print  | 
More Insights
Oldest First  |  Newest First  |  Threaded View
<<   <   Page 2 / 2
User Rank: Ninja
12/10/2013 | 6:52:06 PM
Re: Who Can We Trust?
Yes and whether $35 billion or $180 billion turns out to be the actual short term lose that the US cloud computing industry will suffer, I wonder how much it will cost the cloud industry in the long run. Canada has become the first country to have a free trade agreement with both EU and US (NAFTA), firms like Mitel and Asatra are merging to increase their productivity, and ICT in general requires rules that safeguard customer's information that is acceptable across borders.

First the government shutdown setback talks between the US and EU, and NSA is just causing more problems, if things continue similarly and US citizens do not take an active interest in this issue then next US jobs from the Cloud industry will be lost to global firms that are more efficient.
User Rank: Moderator
12/11/2013 | 4:42:43 AM
Re: Who Can We Trust?
I agree that users are going to keep using these services, regardless. The UI and features/functionality is immediate, while privacy or domestic/foreign intelligence eavesdropping likely seems rather abstract.

What I find interesting about the open letter is that none of the signatories are yet encrypting their communications/data, end to end. At the same time, they're making a political call on the U.S. government not to eavesdrop on those communications.

But what's to stop anyone else -- namely, foreign governments with intelligence agencies that, unlike in the United States, feed intel to their domestic businesses to give them a competitive edge -- from intercepting those communications? 

As Tom said, if you build a strong cloud service, this problem goes away. And there are several steps these businesses could be making, which would help make the need for open letters unnecessary. 
User Rank: Ninja
12/11/2013 | 7:23:15 AM
Re: Who Can We Trust?
@ACM, this was part of my point. We've had reports of the NSA spying on us for years but it's not until someone walks away with some data and it becomes a high profile story that the tech giants seem to care.  There have long been people complaining about Google reading your mail in order to serve targeted ads, why is Google up in arms now?  I feel like the tech companies are trying to distance themselves from they spying but they are doing their own brand of spying at the same time and have been allowing the government to do so for years.  I don't see anyone closing their Dropbox, Gmail and Facebook accounts over the Snowden leaks so why has this become such a big deal for the tech giants?
User Rank: Ninja
12/11/2013 | 6:00:08 PM
Re: Who Can We Trust?
All of your points are excellent and perfectly logical. I feel that the tech giants are literally working for the customers in this instance. I could be wrong, but my view of a consumer is that a consumer and producer is the same thing and can only be distinguishable if time is narrowed down to a small period. Much like savings and investments are the same thing in the long run. 

If the US government does not have a framework to protect the intellectual property of customers/producers then foreign governments will also not protect intellectual property of customers/producers, and developing countries have more to lose by not respecting intellectual property because it would promote corruption. Tech giants can implement something like i2p or something that is massively more complicated to crack but doing so would mean less people have incentives and the capability to become customers/producers of ecommerce.
User Rank: Ninja
12/14/2013 | 9:25:42 AM
Consumers to Tech Giants: Stop cooperating
As long as the tech giants just dish out the data for any petty reason or even make money with it (yes, that means you AT&T) all this is just empty talk. The tech giants have the resources to say No and take the federal agencies to court for each and every single request until either there is a clear court ruling by a real court (not this FISA court crap) or Congress finally gets something done and passes laws that ideally restrict and defund the NSA and the dozen other three letter agencies that sniff around in stuff that is none of their business.

If letters to Washington would accomplish anything the postal service would not run a deficit....
<<   <   Page 2 / 2
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll