This is an opinion piece, reflecting the views of Judith Lukoki independently.
Before PRISM, A Safe Ignorance
Before PRISM, representatives of legal entities could legitimately use Microsoft, Yahoo, Google, Facebook, Paltalk, YouTube, AOL, Skype and Apple services without knowing that these companies were delivering information, some of it confidential business, about their entities to third parties, including competitors.
Indeed, through the PRISM program, the NSA has been eying trade secrets and sensitive information, that is to say, the added value of companies. However, since the revelations about PRISM, it is no longer possible to ignore that these nine services companies could interfere in the private lives of citizens and businesses.
Indeed, the PRISM scandal has been exhibited in many mass media, especially throughout the Internet. It is now common knowledge that the U.S. government has established a system requiring these nine companies to provide exposed, means to jeopardize private data of their company.
In fact, there now is raised the question if customers may be able to sue the representatives of the company because of their use of services and products that are well-known to have a breach of security for their professional data.
Could shareholders also file lawsuits against executives for having selected services and products from one of these nine companies?
Potential customers also could face fallout and could decide to not enter into contracts with companies using the services and equipments of these nine companies because they jeopardize their business data.
Or they may even explicitly terminate their contracts.
The exclusion of public procurement
Since the PRISM scandal, the nine U.S. companies and those that outsource their services to them or buy their equipment from them may be excluded from global public procurement.
These companies and their subcontractors do not have safety procedures that prevent third parties to intercept their employees’ personal data and sensitive information. Outsourcing to them the supply of materials or services jeopardizes the information relating to the safety and security of the State and those relating to industry hosted by the State.
This is the case in Brazil. Documents released by Snowden indicate that President Dilma Rousseff’s phone calls, embassies and the Brazilian oil company (the equivalent of ExxonMobil) were tapped via the NSA system.
Since the PRISM revelations, potential non-US customers Internet services are now reluctant to use Internet services U.S. companies. So much so, that the loss for the cloud computing industry is valued at U.S. $ 180 billion over the next years.
To address this and avoid a loss of customers, Google began offering from August 15th to its business customers the ability to encrypt their data for free.
The destruction of a reputation
This type of scandal can damage the reputation of a company. The U.S. company Bloomberg, known for selling worldwide terminals allowing their users to have both access to better information on financial markets and places in real time and to use it to communicate in private, has recently experienced this.
Like many groups composed of several activities including news business, it has not prevented its journalists from getting access to private messages sent through Bloomberg’s terminal without the knowledge of the users. Bloomberg’s journalists were allowed to get access to those private conversations since the 90s. Since the scandal, Bloomberg has been nicknamed the Big Brother of Wall Street.
This is causing many professionals to worry about their data security process. Many businesses depend on the efficiency of their data protection procedures. Few customers would entrust some companies if they knew that they can not prevent their U.S. competitors and adversaries from getting access to their sensitive information. This includes:
- Businesses where professionals are committed to protect the information entrusted to them such as health professions, lawyers, professions subject to the “defense secrecy.”
- Accountants, auditors, mergers and acquisitions departments and firms
banking services subject to a legal obligation to protect personal data of their customers
- Major industries, nuclear, pharmaceutical, oil, automobiles, cosmetics, energy, construction, for which the protection of trade secrets is capital
- Agencies and freelancers in digital communications who advise the use of the services of one of these nine companies without specifying this particular negative side
- Companies of Internet services such as internet access providers, cloud providers
- Social networks with paid services such as ASmallWorld, Match or Gleeden that store and maintain their customers’ data.
How do you think the future of privacy is heading and how can businesses navigate this?
Featured image courtesy Mike Herbst.