The Economic Cost of Surveillance


Wired has recently published a post on the economic losses to US businesses due to NSA surveillance, saying that:

“The economic costs of NSA surveillance can be difficult to gauge, given that it can be hard to know when the erosion of a company’s business is due solely to anger over government spying. Sometimes, there is little more than anecdotal evidence to go on. But when the German government, for example, specifically cites NSA surveillance as the reason it canceled a lucrative network contract with Verizon, there is little doubt that U.S. spying policies are having a negative impact on business.”

For anyone still unsure if this is overblown, or questioning if isolated cases are illustrated by the media, I’d like to mention some real life examples of the problem. An example which comes directly “from the trenches”, and so low-tech that I thought a long time if I should even bother writing about it.

Our a recruitment & consulting company operates in future-tech markets. Most of the candidates we interview mention that their employer is considering, or have already moved many internal services to the Cloud. Or their employer is themselves in the business of selling software solutions. Solutions which must be offered as a SaaS, if their provider wants to stay relevant.

As part of our BI, we harvest fast amounts of public data from all types of channels in order to predict demand for talent. Our system goes far beyond scraping job-sites to find out who’s hiring, in order to gauge where demand will rise and for whom. While this approach is sometimes flaky (BigData always is), it provides some pretty good indicators of where we need to start digging further in order to derive an intelligent prediction.

Back to these firms who started moving to the cloud: The Snowden revelations had according to our own research, until end of 2013, no immediate effect on them. Strategy departments in these companies, presumably still shell-shocked, were grappling with processing what just happened. At the end of last year however we noticed the first effects.

Changes in our data streams, pointed to a rise in demand for sales experts. This was expected, considering that the Internet of Things (IoT) and the Cloud itself created a strong need for professionals selling these new services and initial marketing and business development efforts started to pay off. But in addition to the increased demand, there seemed to be an unusually strong fluctuation in the number of sales experts looking for new jobs. Again, this in itself wasn’t odd …

What was surprising however, was a new theme which arose in interviews with sales candidates all across Europe. Namely when we ask the question, “what is your motivation to change your employer”, it now leads to an answer similar to:

“My current employer had a change in strategy and decided to tie our incentives, targets and sales bonuses to the number of cloud licenses which we sell. And knowing the local market and our existing clients these figures are never reachable. Not now. Cloud is a tough sell because most of our clients are already wary and will never agree to move data to a server in another country …”

Those candidates which gave a different reason we asked how they feel about the cloud based products in their portfolio gave a similar picture. Nearly all candidates (from over 200 people interviewed in Q1/Q2) who provided us with this reasoning, were working for US based firms.

Is the Cloud doomed in corporate environments?

Hardly. At the same time sales tactics in local EU firms haven’t changed, or in some cases have even been strengthened, because they can now guarantee their customers to host all data locally which is one of their biggest sales arguments.

No doubt that what I claim above comes directly from the horses mouth. But if a small firm like ours is able to notice these aftershocks, in such a consistent manner, I wonder what the actual sales prognosis in the bigger US software firms look like.

So what’s the way out?

While security consulting services are thriving and continue to sell snake-oil, the real problem is broken trust. Looking at software security to solve privacy issues alone will not do anything. The US government ensuring it’s local citizens to only spy on foreigners is neither reassuring.

Is there a technical solution?

NSA Headquarters, Forte Meade Image: National Security Agency
NSA Headquarters, Forte Meade
Image: National Security Agency

Broken trust can’t be fixed with technology but must be addressed with policy. No matter how well you encrypt your solution and ensure that “only” meta-data is being stored in the US, your cloud solution won’t be an easy sell for us over here in old Europe as long as your underlying government policies aren’t supporting privacy in that model.

Comments appreciated.

Joachim Bauernberger
Passionate about Open Source, GNU/Linux and Security since 1996. I write about future technology and how to make R&D faster. Expatriate, Entrepreneur, Adventurer and Foodie, currently living near Nice, France.

Valbonne Consulting provides Research & Consulting for emerging technologies in Internet/Web of Things (WoT/IoT/M2M) and Emerging-Tech. We specialise in decentralisation, security and privacy. We work across a variety of traditional industry verticals (Telecommunications, Automotive, Energy, ...). We support Open Source and technologies built on open standards.

Leave a Reply

Your email address will not be published. Required fields are marked *