

U.S. cloud firms face backlash from NSA spy programs - antman
http://www.computerworld.com/s/article/9241003/U.S._cloud_firms_face_backlash_from_NSA_spy_programs

======
beloch
After SOPA, it became clear that the U.S. info sector could no longer neglect
its lobbying efforts in Washington. The MPAA and RIAA represent comparatively
tiny (in terms of revenue) interests but were only thwarted by the
unpredictable (and unreliable) intervention of the public.

Now this.

The info sector has become big industry and is going to play a correspondingly
big role in U.S. politics going forward. They're going to make more campaign
contributions, be more involved in the campaigns themselves, and spend more
money on lobbyists than ever before. Capitol hill is about to get a whif of
silver-dollar grapeshot from a new angle, and those voting to maintain NSA
funding are in an exposed position!

~~~
s_q_b
We need a well-organized lobbying effort to support the interests of United
States internet companies. Those survey numbers are actually astounding.

The most surprising thing about lobbying and donation efforts is that they
aren't really all that expensive. All it takes is a few hundred thousand to a
million to swing a tight election. The amounts aren't that large. Maybe a
crowdfunding campaign for a Free Internet PAC?

~~~
rodgerd
From my perspective outside the States, there is already government support,
which is the full-court press US ambassadorial staff have been running in
Australia and New Zealand to categorise privacy and data sovereignty laws as
unfair and illegitimate anti-competition laws whose sole purpose is to prevent
companies like Amazon gutting the local IT markets.

I imagine they are running the same line in Europe.

I wonder what Amazon's relationship with the US government is like?

~~~
s_q_b
Sure, there are some interests that run in the opposite direction.

But domestically, the amount of power Silicon Valley and tech centers across
the country hold in Washington is not commensurate with their economic and
cultural clout. Certainly it is time for that to change.

------
computer
I too have switched my personal things and most of our company away from the
US. I have helped my friends move to non-US chat services and/or use OTR. I
will spend my money on secure (from snooping and the operator) encrypted
services outside the US instead.

Seeing that we have no rights in the US whatsoever, it is ridiculous to store
anything in the United States that could be used in any way at any point in
the future.

If the US wants to keep its leading role in the Cloud-business, it will need
to curb these programs and protect the companies from forced participation in
mass surveillance measures (including on foreigners). Keep in mind that even a
single policy-maker that decides not to trust US-based services can cost the
US economy millions of dollars.

~~~
deegles
Honest question, what makes you think that you will have more rights/privacy
by hosting somewhere else? It's been my impression that there has been
(comparatively) little backlash within the US regarding foreign data
acquisition. Maybe all this attention on the NSA's activities will be the
trigger for other countries to create or ramp-up their own data snooping
efforts.

~~~
j-g-faustus
Two reasons for non-Americans:

\- the snooping is explicitly targeting foreigners. In USA I'm a foreigner, by
hosting in my own country I have at least the protection of being a citizen.

\- if I don't like the snooping my own government does, I can call my
representatives, vote for "less snooping" political candidates, start lobbying
etc. In a foreign country like USA I have no rights or leverage whatsoever.

~~~
perlpimp
NSA and CIA has been used for Industrial espionage purposes in the past, so I
wouldn't be surprised if this whole PRISM program was in part for enriching
the wealthy and connected even more (and their enterprises).

We already moved our servers & data back to Germany right now evaluating few
replacements for Google Apps.

~~~
jacquesm
> evaluating few replacements for Google Apps.

Curious about your eventual decision.

------
artichokeheart
"The level of skepticism was greater than I expected," said Jim Reavis, co-
founder and executive director of the CSA. "I had thought that more people
would understand that these activities happen all the time in their countries
as well."

Way to not get the point Mr Reavis

~~~
Zigurd
That quote is just astounding. The "Cloud Security Association?" Really? It
reflects a strange kind of toadyism that some "security professionals" have
about cooperating with intelligence and law enforcement.

~~~
rhizome
They work hard to track how little security the cloud has.

------
flyt
Pretty simple way to frame this in a way that Washington can understand:

The NSA data collection programs are _job killers_ for American high-tech
workers and its most innovative companies.

~~~
flyt
"Hard working, innovative technology companies are losing out to foreign
companies due to this unaccountable, big government program. It's time to
reign in this anticompetitive NSA behavior and let American business compete
on a level playing field."

*formatted for a talking head to use on FOX News/MSNBC/CNN

~~~
jrockway
Can't the NSA spy on foreign operations without _any_ legal oversight, as
opposed to spying on domestic operations with "oversight" from a secret court?
Both are bad.

~~~
dragonwriter
> Can't the NSA spy on foreign operations without any legal oversight

Yeah. It would be kind of bizarre to have a military signals intelligence
service where spying on foreign electronic communications was some kind of
exceptional activity.

The whole _point_ of the NSA is spying on foreign operations. The legal
restrictions involving a "secret court" (the two courts themselves aren't
secret, though their proceedings tend to be) for oversight are to prevent the
abuse of the "foreign intelligence" excuse as a backdoor for blanket domestic
surveillance.

Or at least, that was the original purpose of FISA after exactly that kind of
abuse. With various "War on Terror" era changes, its arguable that the purpose
of the oversight has been reversed so that it now serves as a form of legal
cover for the abuse of the "foreign intelligence" excuse as a backdoor for
blanket domestic surveillance.

~~~
Silhouette
_Yeah. It would be kind of bizarre to have a military signals intelligence
service where spying on foreign electronic communications was some kind of
exceptional activity._

And then international travel became a routine occurrence, and countries made
"alliances", and international commerce became one of the most powerful forces
driving the global economy, and the Internet arrived, and the kind of black
and white world you're imagining went away. No country exists in such a vacuum
in the twenty-first century, and a country that respects the basic rights of
its own people but completely ignores the rights of others will pay a price
for that hostility sooner or later. At least today that price is mostly
measured in dollars and not blood as it might have been a few decades ago.

It's sad that a lot of the abuses we've seen and heard about in recent years
have to be curtailed through financial pressure and not politicians doing the
right thing, but that doesn't make people voting with their wallets any less
effective.

~~~
dragonwriter
Travel doesn't really change things. The issue is sovereignty; relations
between nations remain stuck in a place very close to the Hobbesian state of
nature. Insofar as this is a problem to solve, the solution is popularly
accountable governments with broader geographic scope than existing nation-
states.

Note, however, that, there's not much movement in this direction (EU expansion
is pretty much it) anywhere in the world, and some movement in the other
direction.

~~~
Silhouette
_Travel doesn 't really change things. The issue is sovereignty_

I don't know how meaningful "sovereignty" is any more, though. We live in very
literally a global community today. People visit each other's countries for
work and pleasure, some for a short time, some making a relatively permanent
move. Even without physical presence, in the age of the Internet and easy
international shipping, everyone's economy depends deeply on those outside
their own country.

The kind of "us and them" mentality we've seen in recent debates about privacy
and security is an anachronism, a work of fiction based on romantic notions
from a different time and place. The key difference between political vs.
financial influences reigning in that mentality is that the established ruling
class in each "us" group can still exert considerable control over the
political landscape, but the financial landscape is shaped by reality and has
therefore adapted faster to modern life. You can spin your surveys showing
that 99.97% of $YOUR_COUNTRY's citizens have no problem with $ABUSE, but if
the reality is that the abuse is unpleasant and people don't like it, the
money is still going to show it. Ask anyone in the air travel industry who has
the option of using various controversial security measures or not.

~~~
dragonwriter
> The kind of "us and them" mentality we've seen in recent debates about
> privacy and security is an anachronism, a work of fiction based on romantic
> notions from a different time and place.

All notions of groups of people are equally works of fiction, whether its
everybody-is-"us" or "us and them". As long as you don't have a single
government of global scope, you are going to have the consequences of separate
governments (and, no, "no governments" doesn't get you out of that problem,
its just the limit case of lots of governments, where every government
consists of one person.)

> The key difference between political vs. financial influences reigning in
> that mentality is that the established ruling class in each "us" group can
> still exert considerable control over the political landscape, but the
> financial landscape is shaped by reality and has therefore adapted faster to
> modern life.

That's an amusing story, but it is by no means true. Particularly, it relies
on the absolutely ludicrous idea that "the financial landscape" and "the
political landscape" are separate things. Particularly, it pretends that the
"established ruing class" that has influence over the "political landscape"
isn't the same set of wealthy people whose preferences are reflected in the
"financial landscape", and that the "political landscape" isn't a product of
how the "financial landscape" has "adapted to modern life".

> You can spin your surveys showing that 99.97% of $YOUR_COUNTRY's citizens
> have no problem with $ABUSE, but if the reality is that the abuse is
> unpleasant and people don't like it, the money is still going to show it.
> Ask anyone in the air travel industry who has the option of using various
> controversial security measures or not.

Do you realize how the nationalization of air travel security in the US (which
relieved airlines of responsibility/liability), the adoption of many specific
controversial security measures (that involved purchasing goods and services
from security firms), and the programs which allow the "right kind" of people
to pay and bypass certain security procedures illustrate the falsity of your
political vs. financial dichotomy?

~~~
Silhouette
_Particularly, it relies on the absolutely ludicrous idea that "the financial
landscape" and "the political landscape" are separate things._

They can easily be so in the short term. In the longer term, they tend to get
pushed back into sync.

 _Particularly, it pretends that the "established ruing class" that has
influence over the "political landscape" isn't the same set of wealthy people
whose preferences are reflected in the "financial landscape"_

They aren't, because money locked up in someone's savings and investments
isn't driving the economy in the same way that money someone spends in the
store or going on holiday is. Unless those few rich people are suddenly going
to start flying thousands of times a day, the airlines are going to care more
about the numerous you-and-me people choosing whether to spend their money on
a flight than they are about one guy who always flies first class but is still
only buying one ticket, particularly when, as you point out yourself, they can
often conveniently eat their cake and have it if they allow the rich guy to
bypass unpleasantness that is imposed on the rest of us anyway.

 _Do you realize how the nationalization of air travel security in the US ...
illustrate the falsity of your political vs. financial dichotomy?_

It illustrates how in the short term the political powers always win, sure.
But in the long term, significant numbers of people and businesses will favour
travelling in more pleasant ways, or storing their data in ways that don't
expose them to liability and/or industrial espionage, or otherwise avoiding
unwelcome measures where it's possible to do so. The unpleasantness exposes
its perpetrators to disruption by more agreeable alternatives, which is why
those perpetrating it are always trying to force a lack of choice on consumers
via legislation. But that in turn has a political price, and sooner or later
it always breaks down too.

------
thaumaturgy
Incidentally, I just had a new customer call to ask about hosting services,
because he needs a new mail account and, in his words, "can't trust Google
after all the recent news." This guy is an attorney and very far from the tech
echo-chamber.

I've got a pretty small business in a small town, so when I start hearing
about stuff like this from customers, it's usually a pretty good indication
that it's gone mainstream.

~~~
sixothree
Using google just makes me feel dirty. When it's decision time at my company
there are a number of us who will be lobbying against google, skype, dropbox
et al.

------
whyme
What's surprising is the lack of alternative services (even outside the US)
that clearly state any service they provide will in fact shut down before not
being transparent. I have cancelled quite a few services over the last few
months, but struggle to find real alternatives.

Also, I doubt even transparency in the aggregate would be enough to make me go
back into US based offerings.

~~~
vmarsy
Take a look at [http://www.ovh.co.uk/cloud/public-
cloud.xml](http://www.ovh.co.uk/cloud/public-cloud.xml) EC2-like instances are
supposed to be released at the end of august.

~~~
bigiain
I notice they've now got a US based datacenter. With my overly-paranoid hat
on, I wonder how much that places their entire business under risk of NSA
pressure?

~~~
sudonim
They have a North American datacenter in Canada, but nothing in the US. The
website makes it seem like they do presumably for marketing reasons.

------
MichaelMoser123
very good; change in policy will come if the big tech companies speak up and
state that total snooping is bad for business.

If one is all for snooping then the sited argument is 'national security' \- a
very pressing concern. If one is against snooping then the only argument one
has are 'civil rights' \- this is a matter of principles, meaning that is not
of immediate concern; there is always something more urgent to override
matters of principle.

If one states that snooping is bad for business then this again moves the
argument against snooping into the realm of urgent issues.

------
inopinatus
As of yesterday I've been noticing various Google applications (Maps in
particular, both web and iOS) nagging me to turn on centralised history
recording, in order to have any kind of search history or bookmarking.

My answer is "hell no", always has been and even more so now; and I can deal
with the disappearance of functionality, but the nagging is especially
irritating and the timing doubly ironic.

------
barking
What this tells the US Gov't is that you can have money or you can have PRISM,
but you can't have both.

Money (aka 'the pursuit of happiness') medium of exchange and shield against
tyranny

~~~
fargolime
If US tax revenues fall, then tax rates rise (with concomitant loopholes for
the wealthy). Gov't wins either way. The general public takes the hit, as
always.

------
dcc1
Ive one server left in US, cancelling it soon, thats 900/month less going into
US economy.

~~~
teeja
Good for you. Thoroughly understandable, that money could help to build
infrastructure in your own country. At the same time, the economic cost will
_undoubtedly_ help to end this undemocratic insanity, _and_ will make these
guys far more sensitive to their endless xenophobia.

------
velik_m
The biggest danger to the USA tech industry isn't even the customer blowback,
which might blow over soon enough. The biggest danger is an opportunity for
local competition to lobby the local governments to legitimately regulate US
competition out of the market. For instance if the German government demands
that all operating systems have to be open source (to prevent backdors) and
replaces Windows with something like LiMux (which will of course be serviced
by local companies who lobbied) and all companies dealing with citizen data
have to use it as well, Microsoft could lose a huge chunk of market almost
over night.

------
coldcode
I hope so.

------
bhauer
This is why in my recent rant about how Microsoft could re-establish its
relevance [1], one recommendation was that Microsoft differentiate itself as
the only tech titan to champion a decentralized cloud. I fairly strongly feel
that would be a competitive advantage.

(Of course if all self-managed security implemented on Microsoft operating
systems can be subverted by the NSA, it's a moot point.)

[1] [http://tiamat.tsotech.com/microsoft](http://tiamat.tsotech.com/microsoft)

~~~
hobs
Microsoft has such a good relationship with the government that its unlikely
to be able to extricate itself to every accomplish that.

~~~
nivla
But doesn't Microsoft also have good relationship with other governments?
Wouldn't that make them play diplomatic? If Microsoft is found inserting
backdoors into their core OS, every other government using their product would
dump it for something else. From a business perspective why would someone
willingly take that risk?

------
pinaceae
so this might happen in the SMB space. but any slightly global corp? just how
will that US office be connected? will BMW cut off all of the US? Nestle?
Sanofi-Aventis? Heineken? Toyota?

if it's on the internet, everyone is snooping it. your traffic crosses swedish
borders? swedish intelligence has the right and means to copy everything.
haven't seen new routing tables being adjusted to avoid sweden. facebook has
their EU datacenter there.

it's kneejerk-ish IT admins who are pulling these things right now. who don't
understand what having anything connected to the internet really means. any
un-encrypted email plus their attachments? that pricelist you just sent your
colleague? public. chatting with partners over g2m or skype? public.

but sure, the NSA is listening in on your little bikeshop which is using
basecamp or mailchimp. core interests of the USA in peril.

------
kingsidharth
Sources? Numbers? Specifics?

------
tteam
At Tonido, we got a following mail from a customer a week back.

" We are sorry but recent developments and news in regard to the NSA PRISM
program and the Patriot Act have made us decide no longer to use any cloud
solution developed or hosted by a US company. You can remove our information
from your database."

Even though, Our Tonido software is a self hosted one and totally orthogonal
to Google Drive or dropbox in principle and in operation, we do get the shaft
unfairly.

~~~
krbbltr
At this point I think it's not entirely unreasonable to assume that your
company might be forced to incorporate hidden backdoors into your software
should the NSA ever decide that your customer's data is of value to them.

Not your fault, sure. But that's the reality.

------
avty
This is a great opportunity for non-US based startups to make a killing.

