NSA Internet Spying Sparks Race to Create Offshore Havens for Data Privacy; Firms Tout ‘Email Made in Germany’ as More Secure; Brazil Wants Its Own Servers

September 27, 2013, 12:15 p.m. ET

NSA Internet Spying Sparks Race to Create Offshore Havens for Data Privacy

Firms Tout ‘Email Made in Germany’ as More Secure; Brazil Wants Its Own Servers

ELIZABETH DWOSKIN And FRANCES ROBINSON

On the heels of allegations about U.S. government surveillance of Internet traffic, some foreign companies and politicians are seeing an opportunity. WSJ reporter Elizabeth Dwoskin explains.

BF-AF876_DATAIS_NS_20130927163604

Google Inc., GOOG -0.20% Facebook Inc. FB +1.69% and other American technology companies were put on the defensive when Edward Snowden‘s allegations about U.S.-government surveillance of Internet traffic emerged this spring. Outside the U.S., some companies and politicians saw an opportunity. Three of Germany’s largest email providers, including partly state-owned Deutsche Telekom AG, DTE.XE -0.28% teamed up to offer a new service, Email Made in Germany. The companies promise that by encrypting email through German servers and hewing to the country’s strict privacy laws, U.S. authorities won’t easily be able to pry inside. More than a hundred thousand Germans have flocked to the service since it was rolled out in August.“We can say that we protect the email inbox according to German law,” says Jorg Fries-Lammers, a spokesman for one of the German companies, 1&1 Internet AG. “It’s definitely a unique selling point.”

The U.S. National Security Agency has acknowledged collecting email data about Americans through phone and Internet companies. Silicon Valley companies have said that they don’t give the government unfettered access to user data but that they are barred from disclosing details.

Fueled by the controversy, countries are seeking to use data-privacy laws as a competitive advantage—a way to boost domestic companies that long have sought an edge over Google, Microsoft Corp. MSFT +1.53% and other U.S. tech giants.

“Countries are competing to be the Cayman Islands of data privacy,” says Daniel Castro, a senior analyst at the Information Technology and Innovation Foundation, a nonpartisan Washington, D.C., think tank that receives funding from the tech industry.

While establishing these islands of privacy might make for good marketing, the initiatives face hurdles. Laws demanding that data be stored in-country can give domestic Internet-service providers a boost but also could raise their customers’ costs.

And creating domestic walls for online service runs into a hard reality.

 

“It basically ignores the entire Internet,” says Ronaldo Lemos, director of the Institute for Technology & Society, a Rio de Janeiro think tank. “This data has to circulate. It’s going to be sent to Miami, to Europe. It’s not going to be sitting idle.”

Nevertheless, some European leaders are renewing calls for a “euro cloud,” in which consumer data could be shared within Europe but not outside the region. Brazil is fast-tracking a vote on a once-dormant bill that could require that data about Brazilians be stored on servers in the country. And India plans to ban government employees from using email services from Google and Yahoo Inc.YHOO +2.44%

U.S. companies are watching such developments with trepidation.

“We should all be nervous when countries impose costly new requirements on companies as a condition of serving their citizens,” says Facebook Chief Operating Officer Sheryl Sandberg. “It means fragmenting the Internet and putting the economic and social opportunities it creates at risk.”

Google declined to comment for this article, and Yahoo didn’t respond.

It is too soon to tell if a major shift is under way. But the Information Technology and Innovation Foundation estimates that fallout from revelations about NSA activities could cost Silicon Valley up to $35 billion in annual revenue, much of it from lost overseas business. A survey conducted this summer by the Cloud Security Alliance, an industry group, found that 56% of non-U.S. members said security concerns made it less likely that they would use U.S.-based cloud services. Ten percent said they had canceled a contract.

“We talk to our sales leaders, who talk to customers every day, and this has the potential to significantly erode the trust of customers around the world,” says John Frank, a deputy general counsel at Microsoft.

It could be tough for U.S. companies to undo any damage, particularly when the extent of NSA activities is secret and other nations have been critical of the U.S. On Tuesday, Brazilian President Dilma Rousseff in a United Nations address assailed U.S. snooping on her country. Last week she canceled a planned visit to Washington.

European Commission Vice President Neelie Kroes, who supervises the European Union’s digital portfolio, has been encouraging the bloc’s companies to tout their privacy creds. “Privacy is not only a fundamental right,” she said in Estonia this summer. “It can also be a competitive advantage.”

For small German companies competing against big ones—like online-security company Symantec Corp. SYMC -1.32% and Amazon.com Inc., AMZN -0.66%which provides corporate cloud services—the NSA surveillance program “is a present from heaven,” says Oliver Dehning, chief executive of antispameuropeGmbH, which builds spam-protection software. “It’s kind of an opportunity to strike back and protect our home market.”

He turned the Snowden leaks into a marketing campaign, tweeting about the news and speaking at industry conferences about how Germans can protect themselves from spying.

Symantec and Amazon declined to comment for this article.

Some of the promises of the would-be data islands could be tough to meet.

While much of the legislation proposes that information about citizens be located in-country, that overlooks that the data may need to be transferred elsewhere.

And laws requiring domestic hosting could raise the price of computing. The in-country hosts could have trouble competing with the economies of scale enjoyed by big U.S. companies, says Jim Reavis, president of the Cloud Security Alliance. Also, it could well be less expensive to use a data center in another country than to build one at home.

Country-specific computing can have its own privacy concerns, meanwhile. Some countries pushing domestic hosting—Brazil, for example—don’t protect the privacy of citizens’ Internet data, so consumers wouldn’t be safe from their own governments’ eyes. Brazil made 715 requests for Facebook user data in the first half, according to the company.

Because Germany has strict privacy laws, Email Made in Germany says customers who send email to fellow subscribers can be assured the U.S. and German governments will have a difficult time accessing the users’ messages. Customers see a bright-green check mark next to messages sent by fellow subscribers. A gray check appears next to messages from other email providers. That means Germans can ensure their privacy only for email to people on German soil.

Even some companies that seek to profit from fears about U.S. snooping acknowledge that law-enforcement agencies in other countries want to catch up with Washington’s capabilities.

“In the long run, there won’t be any difference between what the U.S. or Germany or France or the U.K. is doing,” says Roberto Valerio, whose German cloud-storage company, CloudSafe GmbH, reports a 25% rise in business since the NSA revelations.

“At the end of the day, some agency will spy on you,” he says.

About bambooinnovator
Kee Koon Boon (“KB”) is the co-founder and director of HERO Investment Management which provides specialized fund management and investment advisory services to the ARCHEA Asia HERO Innovators Fund (www.heroinnovator.com), the only Asian SMID-cap tech-focused fund in the industry. KB is an internationally featured investor rooted in the principles of value investing for over a decade as a fund manager and analyst in the Asian capital markets who started his career at a boutique hedge fund in Singapore where he was with the firm since 2002 and was also part of the core investment committee in significantly outperforming the index in the 10-year-plus-old flagship Asian fund. He was also the portfolio manager for Asia-Pacific equities at Korea’s largest mutual fund company. Prior to setting up the H.E.R.O. Innovators Fund, KB was the Chief Investment Officer & CEO of a Singapore Registered Fund Management Company (RFMC) where he is responsible for listed Asian equity investments. KB had taught accounting at the Singapore Management University (SMU) as a faculty member and also pioneered the 15-week course on Accounting Fraud in Asia as an official module at SMU. KB remains grateful and honored to be invited by Singapore’s financial regulator Monetary Authority of Singapore (MAS) to present to their top management team about implementing a world’s first fact-based forward-looking fraud detection framework to bring about benefits for the capital markets in Singapore and for the public and investment community. KB also served the community in sharing his insights in writing articles about value investing and corporate governance in the media that include Business Times, Straits Times, Jakarta Post, Manual of Ideas, Investopedia, TedXWallStreet. He had also presented in top investment, banking and finance conferences in America, Italy, Sydney, Cape Town, HK, China. He has trained CEOs, entrepreneurs, CFOs, management executives in business strategy & business model innovation in Singapore, HK and China.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: