Congress Still Has a Long Way to Go On Surveillance Reform | Commentary
By Alan McQuinn By passing the USA Freedom Act earlier this summer, Congress finally reformed how the National Security Agency collects and stores domestic phone records. Passing this bill marked an important step forward on surveillance reform, but Congress has much more work ahead to address the unresolved negative impact that surveillance is having on the U.S. economy.
Many spy programs — such as the controversial PRISM program that allows warrantless access to private user data from popular online services both in the United States and abroad — remain as active today as they were when Edward Snowden first pulled back the curtains on the NSA’s extensive surveillance activities. If Congress allows these programs to continue without reform, they will not just compromise civil liberties — they will also severely disadvantage the U.S. tech industry’s ability to compete internationally by undermining trust in U.S. companies and by encouraging foreign governments to adopt protectionist policies that limit market access.
In 2013, the Information Technology and Innovation Foundation estimated that if concerns about U.S. surveillance caused even a modest drop in the expected foreign market share for cloud computing services, it could cost the United States between $21.5 billion and $35 billion by 2016. But it has since become clear that the U.S. tech industry as a whole, not just the cloud computing sector, has underperformed as a result of the U.S. government’s surveillance activities. Therefore, the economic impact will likely far exceed the ITIF’s initial estimate.
Several companies have come forward describing the damage this loss of trust has had on their ability to do business abroad. For example, Cisco saw its sales interrupted in Brazil, China and Russia because of reports the NSA had secretly inserted backdoor surveillance tools into its routers, servers and networking equipment. Other U.S. companies have reported the backlash to U.S. surveillance has lost them major contracts to foreign competitors. For example, Boeing lost a contract with Brazil to Saab AB and the German government dropped Verizon over fears the NSA would use the company to spy. More recently, China took leading U.S. technology brands off its approved state purchase list in response to the revelations of widespread U.S. cyber-espionage. Because state-owned enterprises make up a substantial share of the Chinese marketplace, and they can only buy products from these approved lists, being dropped from them will have a major impact for many U.S. tech companies.
Other countries have used U.S. surveillance efforts to justify protectionist policies, too. The public rationale for these policies is to protect their citizens’ privacy and security, but it is clear that the real motivation is often misguided economic self-interest. Policymakers assume that by creating rules that advantage domestic firms over foreign competitors, they will build stronger domestic tech industries. For example, some in Europe have called for stringent requirements on where data must be stored, preferences for European providers, and even a “Schengen area for data”—a system that keeps European data in Europe—as a means of promoting deployment of cloud services that are focused entirely on the European market.
There is also a distressing trend of countries such as Australia, China, Russia, and India passing laws that prevent their citizens’ personal information from leaving their borders—effectively mandating that cloud computing firms build data centers in those countries or risk losing access to their markets. Indeed, Amazon has started running Internet services out of Germany for its European business partners in an effort to downplay threats of online spying.
To turn back the tide of protectionism and boost U.S. competitiveness in the tech sector, it is incumbent on Congress and the Obama administration to establish new standards for transparency, cooperation, and accountability. First, the U.S. government should be forthcoming and transparent about its surveillance practices and clearly inform the public about the data it collects domestically and abroad. Second, the U.S. government should work with its trading partners to establish international legal standards for government access to data. This should include international rules for transparency, settle questions of jurisdiction, and limit unnecessary access by governments to citizens of other countries.
Only by being forthcoming and honest with the world can the United States hope to repair the trust it has lost and regain its competitiveness.
Alan McQuinn is a research assistant with the Information Technology and Innovation Foundation.