Firms Have Much to Lose as Congress Wrestles With Privacy
Some companies are in a bind over privacy.
They don’t want to cooperate with the National Security Agency’s program of collecting data from nearly every phone call and many e-mails in the U.S. But they want to use private information from ordinary folks to help identify and target potential customers.
They won’t get to have it both ways.
More privacy safeguards are coming, in some cases slowly, starting with limits on government programs. Congress has to act by June 1, 2015, or the NSA’s phone monitoring section of the Patriot Act will expire.
Congress won’t kill the program. There’s too much worry about terrorism for that to happen, and too many friends of the NSA holding powerful committee assignments in Congress.
But lawmakers will alter it, placing restrictions on how and when the intelligence agency can gain access to private data, adding more transparency about its use and curbing the practice of eavesdropping on allies.
Until changes are made, many U.S. technology firms will suffer, losing cloud storage contracts with foreign clients. They also face heat from stockholders if they don’t take protective steps while waiting for Uncle Sam. One possible step: Moving cloud servers outside the U.S.
Even businesses with lucrative government contracts will step up the fight. They fear lost income from overseas more than retribution from Congress or the Obama administration.
Microsoft is already making noise about moving cloud services abroad. Dropbox is weighing the move, too. Though the file storage firm’s servers are in the U.S., 70% of its clients are based abroad and are increasingly worked up about U.S. intelligence programs that collect private information. Some makers of routers and servers also fear losing business, including Cisco and Hewlett-Packard.
Getting businesses to change their own data use policies will take longer, even as corporate tracking of purchases and other purposes become more intrusive.
One reason: Many consumers seem to grudgingly accept the annoyance and seem resigned that they can’t do much to fight the trend. Soon, though, the tools for data analysis will be within reach of firms of all sizes, not just corporate giants, and use will mushroom. So, too, will the potential for misuse, as more personal data is amassed on the sly.
Until those changes come -- five years or more from now -- encryption services will grow, allowing consumers to add a layer of protection to e-mail, social media and the like.
It won’t end data mining, but it will make private information more difficult to obtain.
No matter how far the pendulum swings toward privacy, it’s likely to be temporary. New developments -- an attack, an uncovering of fresh threats, military intervention -- will drive changes in the law and in the government’s behavior that will make national security the focus again.
It’s a regular cycle. In the 1970s, leaked disclosures of secret files stolen from an FBI office in Media, Pa., led to a new privacy push and government restrictions on the use of private information about citizens. But Sen. Frank Church, the Idaho Republican who chaired the Senate’s investigation, warned that the pendulum could quickly swing the other way.
“The National Security Agency’s capability at any time could be turned around on the American people, and no American would have any privacy left; such is the capability to monitor everything: Telephone conversations, telegrams, it doesn’t matter. There would be no place to hide,” he said, according to The Burglary: The Discovery of J. Edgar Hoover’s Secret FBI, by Betty Medsger.
Privacy ruled for a number of years, despite Church’s warning. Then came the attacks of Sept. 11, and everything changed. The Patriot Act gave the government broad new powers, some of which we’re learning about only now because of documents leaked by former NSA contractor Edward Snowden.
(Associate Editor Ken Bazinet and Reporter John Miley contributed to this report.)