See other Science/Tech Articles
Title: How The NSA Revelations Are Hurting Businesses
Source:
Forbes
URL Source: http://www.forbes.com/sites/kashmir ... ations-are-hurting-businesses/
Published: Sep 10, 2013
Author: Kashmir Hill
Post Date: 2013-11-21 06:38:49 by Deasy
Keywords: NSA, leaks, snowden, National Security Agency
Views: 27
Kashmir Hill, Forbes Staff Welcome to The Not-So Private Parts where technology & privacy collide |16,664 views NSA logo, altered slightly by the EFF. The NSA leaks just keep on comin’. Last week, we found out that the nation’s suddenly-not-so-secretive spy agency has made huge strides in compromising some forms of encryption that help keep information private on the Web. This was done through known workarounds, “covertly introducing weaknesses into encryption standards” and strong-arming companies into handing over encryption keys, or according to the New York Times, stealing them. The recent revelations suggest that the reason Edward Snowden email-provider Lavabit shut down this summer was because the government was trying to force it to hand over encryption keys so that agents would have the power to read users’ emails. It’s yet another revelation in the “summer of Snowden leaks” that’s making life difficult for American businesses. Princeton technologist Ed Felten — who used to be government-employed at the Federal Trade Commission — writes, “This is going to put U.S. companies at a competitive disadvantage, because people will believe that U.S. companies lack the ability to protect their customers—and people will suspect that U.S. companies may feel compelled to lie to their customers about security.” “I can’t imagine foreign buyers trusting American products,” says security expert Bruce Schneier. “We have to assume companies have been co-opted, wittingly or unwittingly. If you were a company in Sweden, are you really going to want to buy American products?” Earlier this summer, technology analyst Daniel Castro authored a report suggesting that revelations about corporate cooperation with the government through programs like PRISM would take a toll on cloud computing businesses to the tune of $22 to $35 billion over the next three years “if foreign customers decide the risks of storing data with a U.S. company outweigh the benefits.” “Members of Congress didn’t want U.S. companies to use Huawei products because the Chinese might spy on American citizens. I expect that argument will now be leveled by many countries at the entire U.S. tech sector,” says Castro by email of the recent encryption news. “One of the important questions that needs to be cleared up is whether the NSA merely broke some crypto standards or whether they really did weaken them and implement versions of these standards with backdoors. If it’s the former, then all companies who use these standards are in trouble, not just US firms. If the latter, then U.S. companies will be hurting the most from this news.” Update 9/12/13: Forrester Research predicts that the NSA revelations may cost information technology companies $180 billion by 2016. (Via Bloomberg. It’s not just experts and analysts opining on the pocketbook pain caused by the NSA revelations. “This bodes ill for the US economy, as the rest of the world will turn its back on U.S. Internet companies,” says Phil Zimmermann, the author of Pretty Good Privacy — a form of encryption — and co-founder of Silent Circle, a company that offers secure text and chat. “The NSA policies will cause enormous collateral damage to our economy.” Zimmermann says the encryption used by Silent Circle has not been cracked by the NSA. “If you do a good job on the design, like we did, the crypto will be safe,” he says. He notes that PGP was acquired by Symantec in 2010, that all of his friends subsequently left the company, and that he doesn’t know who is taking care of it these days. “I think they still publish the source code, so it’s probably OK,” he says by email. Meanwhile, Google, Yahoo and Facebook have all filed petitions with the government asking for the right to be more transparent about the requests for information they are getting from the intelligence community. Their argument is not that NSA activity itself is hurting their businesses but that the agency’s secrecy is leading them to be hung out to dry in the press as “misleading” articles get published. “[T]he revelations about the scope of NSA activities, and false or misleading stories about Google‘s alleged involvement in such activities, have continued unabated and continue to cause substantial harm to Google’s business and reputation,” writes telecom lawyer Al Gidari in a Google filing with the Foreign Intelligence Surveillance Court. Gizmodo got a special shout-out in the filing for running a post with the “completely misleading banner” claiming that “NSA Paid Google, Microsoft, Others Millions for PRISM Aid.” Update 9/12/13: At TechCrunch Disrupt, Facebook’s Mark Zuckerberg said the U.S. government “blew it” in communication with the public about the NSA. Defending the NSA by explaining that they’re not spying on Americans wasn’t helpful to companies serving customers worldwide, said Zuckerberg.) These tech companies have sought to combat the revelations with greater transparency. (It’s a tactic the NSA is trying to with its new “on the record” Tumblr.) Telecommunication companies such as Verizon and AT&T — which hand over metadata on millions of Americans’ phone calls to the government — have instead dealt with the revelations with silence, at least when it comes to the number of government requests for information they get on an annual basis. 
How The NSA Revelations Are Hurting Businesses
Post Comment Private Reply Ignore Thread