One huge question for legislators and the public to understand is: how does pervasive US government surveillance damage the tech industry itself? The Boston area’s economy depends hugely on the health of the tech industry. The United States as a whole benefits enormously from the dominance of US tech firms like Apple, Microsoft, Dropbox, Adobe, Amazon and too many others to name.
Now that we have had a few months since the beginning of the Snowden revelations in June, analysts are beginning to come out with some answers. It seems that the economic impact could be enormous.
The dynamic at work here is simple.
Part of the marketing pitch for US tech software and hardware products is necessarily that they are relatively secure. A high-quality software product offers robustness to hackers; people are less likely to buy a product that has many security flaws. The revelations about the NSA, and particularly the revelations that the NSA has access to customers’ data at specific US-based tech companies and that the NSA has worked to install “backdoors” in US software products, reduce the perceived quality of those software products. Any security flaw provides opportunities for the NSA and to criminal enterprises at the same time. You can either have a product that is secure from both, or one that is secure from neither. So, it makes sense that some firms would switch their purchases from software whose security is compromised to software that promises better security.
Complicating this picture is that other countries’ intelligence agencies may not have the scale or budget of the NSA, but that doesn’t make software designed in Russia, China or Nigeria inherently more secure than software designed here in the US. The NSA also has deep partnerships with security agencies in other, allied countries, so you can’t necessarily rely on foreign-sourced software or on foreign hosting to secure your private documents. There’s a gap in the market for providers of genuinely secure software, but it is unclear who will fill it.
The Information Technology and Innovation Foundation has just released a study covering one small part of this issue: how much foreign companies currently using US cloud computing providers such as Google and Dropbox are likely to switch to other, more secure providers in response to the PRISM scandal.
By 2016, they report, cloud computing is expected to be a $207 billion industry. US companies currently dominate, but foreign governments, notably the French-led consortium Andromede, are investing heavily to catch up. There are also discussions around creating a European security certification for cloud computing providers. Neelie Kroes, European Commissioner for Digital Affairs, notes:
“If European cloud customers cannot trust the United States government, then maybe they won’t trust U.S. cloud providers either. If I am right, there are multibillion-euro consequences for American companies. If I were an American cloud provider, I would be quite frustrated with my government right now.”
ITIF goes on to say:
in June and July of 2013, the Cloud Security Alliance surveyed its members, who are industry practitioners, companies, and other cloud computing stakeholders, about their reactions to the NSA leaks. For non-U.S. residents, 10 percent of respondents indicated that they had cancelled a project with a U.S.-based cloud computing provider; 56 percent said that they would be less likely to use a U.S.-based cloud computing service. For U.S. residents, slightly more than a third (36 percent) indicated that the NSA leaks made it more difficult for them to do business outside of the United States. Thus we might reasonably conclude that given current conditions U.S. cloud service providers stand to lose somewhere between 10 and 20 percent of the foreign market in the next few years.
The tech industry currently accounts for about 10% of US job gains, which is running at about 200,000 jobs per month. If those figures were to hold steady through to 2016, then 20,000 lost US high-paying jobs per month translates into 24,000 lost jobs in 2016. That’s just for one year, in only the cloud computing sector of the tech industry.
Forrester Research, commenting on the ITIF report, suggested that ITIF’s figure of a 10-20% decrease in revenue for the US cloud computing industry might significantly understate the truth, pointing out:
1. US customers would also bypass US cloud providers for their international and overseas business – costing these cloud providers up to 20% of this business as well.
2. Non-US cloud providers will lose as much as 20% of their available overseas and domestic opportunities due to other governments taking similar actions.
They estimate overall tech industry losses as a result of PRISM as being up to $180 billion per year, rather than ITIF’s estimate of $20-$30 billion, which would obviously translate into much more damage to US job creation. Forrester recommends strongly that:
“The leading governments of the world need to set aside time at the next G20 Summit to draft clear international surveillance transparency rules that will take any potential chill off the burgeoning cloud computing market.”
All this, from just one of the many, many surveillance programs NSA is running. And, because the studies aren’t out yet, we’re not even attempting to quantify in this article the overall damage to the world economy from NSA’s undermining of the basic cryptography of the Internet.
We do get that some electronic surveillance is going to happen. But the Founders were wiser than they knew when they ruled out mass, open-ended surveillance of everyone. It’s the job of our political leaders at both the state and federal level to step up and apply the brakes. Without the tech industry, America would be a dying rustbelt economy; it’s incomprehensible that any administration would jeopardize something so key to growth.
But hey, at least NSA is hiring, so what are you waiting for? I just can’t wait for the highly surveilled bright post-high-tech future our masters at the NSA have in store for us. No-one outside the surveillance industry will have a job, as such, but at least we’ll all be very very closely watched!
[There is a government building with a reinforced concrete basement in case of a nuclear war.]
Sir Humphrey: There has to be somewhere to carry on government, even if everything else stops.
Sir Humphrey: Well, government doesn’t stop just because the country’s been destroyed! I mean, annihilation’s bad enough without anarchy to make things even worse!
Hacker: You mean you’d have a lot of rebellious cinders.