The Fallout From the NSA’s Backdoors Mandate

The United States National Security Agency (NSA) is widely believed to have mandated high-tech vendors build backdoors into their hardware and software. Reactions from foreign governments to the news are harming American businesses and, some contend, may result in the breakup of the Internet.

For example, Russia is moving to paper and typewriters in some cases to move certain types of information, Private.me COO Robert Neivert told the E-Commerce Times.

Governments are pushing to enact laws to force the localization of data — generally meaning they won’t allow data to be stored outside their borders to protect citizens against NSA-type surveillance — a move that’s of particular concern to American businesses, according toa Lawfare Research paper.

That’s because they deem U.S. firms untrustworthy for having provided the NSA with access to the data of their users.

Revisiting the Tower of Babel?

“There’s an increased use of networks on behalf of Europe and other allies that do not pass through U.S. companies or U.S.-controlled networks,” Neivert said. Some countries are even proposing to break up the Internet.

However, “people who say these things threaten the Internet itself are misunderstanding things,” Jonathan Sander, strategy & research officer ofStealthbits Technologies, told the E-Commerce Times. “The Internet produces too much wealth for too many people and organizations for anyone, including the U.S., to threaten it.”

The U.S. economy “is one of the best weapons we have in the technology war,” Sander continued. The U.S. market “is too big for foreign governments to ignore,” which is why foreign companies continue doing business with the U.S.

Concern has been expressed about invasions of privacy through surveillance, but this issue is “a matter of policy” and there are differences in how citizens of different countries approach it, Sander pointed out. “In the EU and, to a lesser extent [Australia and New Zealand], privacy is an issue at the ballot box so there are laws reflecting that.”

In the U.S., however, privacy “has yet to seriously break through as an issue, so there has been less motion,” Sander remarked.

Massive Cost to U.S. Businesses

In August of last year, the German government reportedly warned that Windows 8 could act as a Trojan when combined with version 2.0 of theTrusted Platform Module (TPM), a specification for a secure cryptoprocessor.

The TPM is included in many laptops and tablets, and the concern is that TPM 2.0 makes trusted computing functions mandatory rather than opt-in as before, meaning it can’t be disabled. Further, it can let Microsoft establish a backdoor into the device it’s in.

Microsoft’s response was that OEMs can turn off the TPM in x86 computers.

The German government will end its contract with Verizon; Brazil has decided to replace its fighter jets with ones made by Sweden’s Saab instead of Boeing; and Web hosting firm Servint Corp. reported a 30 percent decline in overseas business since the NSA leaks first made news in June 2013.

“There is both diplomatic and economic backlash against these tactics,” Robyn Greene, policy counsel atNew America’s Open Technology Institute, told the E-Commerce Times.

It’s difficult to establish an exact dollar amount, but “experts have estimated that losses to the U.S. cloud industry alone could reach (US)$180 billion over the next three years,” Greene said. “Additionally, major U.S. tech companies like Cisco and IBM have lost nearly one-fifth of their business in emerging markets because of a loss of trust.”

Foreign companies are using their non-U.S. status to advertise themselves as more secure or protective of privacy, Greene remarked.

The Other Side of the Story

On the other hand, Cisco’s share of the service provider router and carrier Ethernet market bounced back strongly after an unusually weak Q2, primarily because of a strong performance in the Asia-Pacific and the EMEA regions, SRG Research reported.

“Cisco is in a league of its own, with a global presence, credibility and product range that cannot be matched by its competitors,” John Dinsdale, managing director and chief analyst at SRG, told the E-Commerce Times. “When demand increases, there is only a rather short list of vendors who can satisfy it, and Cisco clearly has the strongest story to tell.”

In addition, the allegations that U.S. high-tech firms built backdoors into their products are not true, contended Philip Lieberman, president of Lieberman Software.

“I have never seen any cooperation between U.S.-owned software or hardware manufacturers to insert backdoors into their products for the use of the NSA,” Lieberman told the E-Commerce Times. “The damage that such an inclusion would cause to the company that did so would be catastrophic and probably unrecoverable.”

Rebuilding Faith and Trust

With its backdoors, the NSA “broke the foundational element of trust, and that’s something very difficult to recover from. [It has] in effect destroyed the trusted and secure reputation of U.S. companies,” said Neivert.

“More and more we will see U.S. tech companies focusing on distinguishing their products and services with heightened security offerings and working to achieve legislative reforms that would rein in [surveillance practices]. That’s the case with theReform Government Surveillance Coalition and tech industry trade associations that represent thousands of companies,” New America’s Open Technology Institute’s Greene added.