Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
United States Businesses China EU Government Your Rights Online

NSA Spying Hurts California's Business 277

mspohr points out an opinion piece from Joe Mathews that "makes the argument that California's economic life depends on global connections. 'Our leading industries — shipping, tourism, technology, and entertainment — could not survive, much less prosper, without the trust and goodwill of foreigners. We are home to two of the world's busiest container ports, and we are a leading exporter of engineering, architectural, design, financial, insurance, legal, and educational services. All of our signature companies — Apple, Google, Facebook, Oracle, Intel, Hewlett-Packard, Chevron, Disney — rely on sales and growth overseas. And our families and workplaces are full of foreigners; more than one in four of us were born abroad, and more than 50 countries have diaspora populations in California of more than 10,000.' It quotes John Dvorak: 'Our companies have billions and billions of dollars in overseas sales and none of the American companies can guarantee security from American spies. Does anyone but me think this is a problem for commerce?' It points out that: 'Asian governments and businesses are now moving their employees and systems off Google's Gmail and other U.S.-based systems, according to Asian news reports. German prosecutors are investigating some of the American surveillance. The issue is becoming a stumbling block in negotiations with the European Union over a new trade agreement. Technology experts are warning of a big loss of foreign business.' The article goes on to suggest that perhaps a California constitutional amendment confirming privacy rights might help (but would not guarantee a stop to Federal snooping)."
This discussion has been archived. No new comments can be posted.

NSA Spying Hurts California's Business

Comments Filter:
  • by lxs ( 131946 ) on Monday July 15, 2013 @07:08AM (#44282875)

    All this caring about what foreigners think sounds Unamerican to me.

    • All this caring about what foreigners think sounds Unamerican to me.

      I agree, bring back Arnie!
      Oh wait...

    • California's also overlooking how much the NSA pays Facebook, Google, etc for that data.

      I imagine it must be far more than the lost business.

  • by alen ( 225700 ) on Monday July 15, 2013 @07:13AM (#44282895)

    What does the dgse and other agencies do all day?
    Xbox?

    • Re: (Score:3, Funny)

      by mwissel ( 869864 )

      What does the dgse and other agencies do all day?

      Evaluate the data they receive from NSA.

    • by AHuxley ( 892839 ) on Monday July 15, 2013 @07:19AM (#44282929) Journal
      Contain their own press, save or rig trade deals, hide or set up sex scandals, protect NATO com links, insider trading and contain any "public" outbreak of local crime. Help the USA and UK.
    • by Anonymous Coward on Monday July 15, 2013 @07:21AM (#44282949)

      Pointing out someone else also kills puppies is no basis for a defense for you killing puppies.

      • That's not the point. If you are not going to transact business in a country specifically over the concern about your puppies being killed, you should be aware of which other countries kill puppies as a matter of routine governmental intelligence gathering. And by which others, I mean all of them. In fact, I would say that any country who doesn't kill puppies as part of their internal intelligence operations either has no significant stake in world affairs or is lying. Killing puppies is a fact of modern in

        • Re: (Score:3, Interesting)

          by Anonymous Coward

          Nonsense. There's a HUGE difference between being spied on by our own government which IS accountable to us, ultimately, and some foreign superpower that isn't. Sorry but that's the crux of it. We can do something about the first situation, democratically. What can we do about that bunch of evil sociopaths you voted in? Not a damn thing.

          It's already happening. Watch your cloud providers collapse, and you brought it on yourselves. Well done (slow handclap).

      • by Kohath ( 38547 )

        It's the "everybody does it" defense -- a favorite defense of those who are obviously guilty.

    • Nope. DOS games. Xbox might have a backdoor.

  • by Karmashock ( 2415832 ) on Monday July 15, 2013 @07:15AM (#44282911)

    Seriously. We've been saying this for decades. Secure it.

    Top to bottom encryption, compartmentalization, etc.

    Make it so the NSA just can't tap your communication.

    • by Anonymous Coward on Monday July 15, 2013 @07:25AM (#44282979)

      Seriously. We've been saying this for decades. Secure it.

      Top to bottom encryption, compartmentalization, etc.

      Make it so the NSA just can't tap your communication.

      Microsoft helped the NSA get around their encryption [guardian.co.uk]. Securing technology only works as long as the company securing it does so against everyone. How can you tell whether the company you're working with has a quiet deal with the government?

      I know one response will be "open source!", but how many people actually go through OS code looking for hidden back doors? And it's not like we can all run our own infrastructure, you've got to trust someone at some point, and how can you tell whether or not they've got a quiet deal going on in the background?

      • by Runaway1956 ( 1322357 ) on Monday July 15, 2013 @08:09AM (#44283315) Homepage Journal

        Well, at least with open source, I can decide whom I want to trust, if anyone. With Microsoft or Apple, what are your choices? The various officers of either company can make statements that "You can trust us!" but there isn't a snowball's chance in hell that ANYONE can inspect the code to find those back doors.

        I'm far less than competent at reading code, but I can actually step through some of it, with open source. I can do it openly, without fear of someone finding out that I "hacked" the code. I can look at it all day. If I find something that I don't like, I can contact someone - anyone - to find out what it is. My buddy, down the street, who is a little more competent than I am. People on a support forum, some of whom are actually competent. The developers themselves, if I think I've really got something.

        Try that with Microsoft or Apple. You might want to consult with a good lawyer before doing so.

      • We need a commercial version of a Class I Crypto and partitioned systems. Basically, private industry need to start doing the same things that the military IT services have been doing for the past 50 years. The so called 'firewall' concept needs to be strengthened to form a really secure barrier.
        • If you think a private crypto company is going to be safe/reliable then you have missed the point entirely. You can't trust the software if you can;t see the code. Period. It has been shown time and again when standards are ratified that the NSA had been poking their heads about to ffer suggestions to design.
    • by AHuxley ( 892839 )
      You would have to go for an air gap.
      With trade deals US cloud providers start to whine and put pressure on the US gov.
      The result is demands from the US gov like this:
      http://www.smh.com.au/national/public-service/trade-war-up-in-the-clouds-20120529-1zhpg.html [smh.com.au]
      "‘Concerns that laws such as the Patriot Act offer the US government carte blanche to obtain private data from US providers are misplaced"
      We should have listened to our own experts and air gapped much more :)
      • by Karmashock ( 2415832 ) on Monday July 15, 2013 @07:44AM (#44283103)

        Air gapping isn't good enough because that only concerns hacking.

        What about intentional collusion between your service provider and a third party? THAT is at least half the problem.

        Many companies do have good security that would give the NSA a hard time. BUT all the NSA has to do is make a phone call and the company just hands over the data.

        That is unacceptable. As a result, systems need to be set up in such a way that information is decentralized thus making it harder for any one source to compromise you entirely. And the information must be encrypted using private encryption keys that the company doesn't have access to... That is, they store and transfer your data but they don't decrypt it. It decrypts and is encrypted on your systems.

        Its really all about control and "what is possible"... To make ourselves secure, we need to make it more and more impossible to get data. Make it theoretically unlikely or literally impossible for them to breach your data without basically blackjacking you and then water boarding the information out of you.

        There are systems that cannot be breached. They are generally very inefficient but we have processing power, storage, and bandwidth to spare. Especially concerning high security data we can afford to make our systems literally unhackable.

        • A proper air gap, in which your own data is stored on your own servers, and only accessed under rigorous guidelines, wouldn't be crossing your ISP's infrastructure. Therefore - the ISP can't hand it over to the government. No one can reach what is inaccessible from the internet, unless then come in to your place of business, to gain physical access to your servers. That might be done with a secret warrant from a secret court - but the moment they come through your doors, it's no longer very secret. You

      • "American envoys are now pressing the Australian government to alter its official guidelines on data security."

        Don't do it. It's a trap, plain and simple. "Come into my parlor, said the spider to the fly."

    • by gl4ss ( 559668 )

      but if it's done in america you can't trust the compartmentalization. maybe through open source, but even then it's a bit iffy.
      you see, the problem is that you can't trust that the american offices weren't visited by men in black.

      • by Karmashock ( 2415832 ) on Monday July 15, 2013 @07:55AM (#44283167)

        The point is not for any one thing to make you 100 percent bullet proof.

        The point is to make getting your data without your approval annoying, inefficient, and incomplete.

        When we over centralize and give our hosting companies total access to our data then there is only one place the "men in black" need to go to get everything. They don't need to force hack anything because the company will just give up the security keys.

        Break things up while avoiding big companies that it becomes unlikely that your host will have any "deal" with the NSA or FBI.

        Furthermore, no reason for the host to even be able to give the NSA what they want. Use them to HOST your data... not manage its encryption.

        There are methods of encryption that can't be breached or are so difficult to breach that they'll be secure for generations. That's good enough. When the NSA wants your data they're going to have a very short attention span about it. Tell them it will take 10 years of super computer time to break something and they'll opt for plan B... which might be actually sending you a court summons or something.

        Point being... we're making it too easy for the NSA by over centralizing and placing too much trust in our hosts. Reverse that policy and the NSA will find very little they can exploit.

        • by ewieling ( 90662 )
          I thought plan B was for them to hit you with a $2 wrench until you tell them your encryption key?
          • by Thud457 ( 234763 )
            This is the U. S. gubbamint we're talking about, that wrench isn't going to be a mere $2.
    • by L4t3r4lu5 ( 1216702 ) on Monday July 15, 2013 @07:59AM (#44283205)
      Point me to a secure and easy to use for the regular user system, and I'm all for implementing it.

      Currently, what we have is PGP. This is great for people who know what the terms X.509, 2048bit RSA, and certificate revocation list mean and why these things are important. However, it doesn't help Bob in Accounting get his TPS report to Simon in Management very quickly. It's awkward and it's cumbersome for anyone who doesn't have quite an in-depth knowledge of the technologies involved.
      • by chihowa ( 366380 )

        In the case of corporate infrastructure, like you describe, it's much easier. If you have knowledgeable people designing and running the system, you can make it quite easy for the end users. It's easier to justify the expense and hassle of crypto dongles (or smartcards) to take key management away from the users. You can set policies on the systems to force the use of encryption.

        It gets hard when you start dealing with random people, your grandparents, and friends. They can't keep their computers free of ma

    • by sFurbo ( 1361249 )
      That is what they are doing. One step in securing the tech is to limit the number of back doors. Apparently, the best way to do this presently is to have as little US tech involved as possible.
    • Beyond top to bottom encryption, know who has access to your keys.
  • by Anonymous Coward on Monday July 15, 2013 @07:19AM (#44282939)

    Seccede from the union? Then you're just as much a furriner to the NSA as the rest of the world. And thus fair game to spying operations that have gotten a little out of hand. To the point that you can no longer say "don't do that" to the people doing it. It is so much out of control that you have to shut down the machine entirely and scap it. And please don't rebuild it, not even from scratch.

    This also shows how utterly provincial the USoA really is. It takes an outlier like California to look outside the borders with anything but thinly-veiled suspicion. And that also means that the USoA is not really fit for playing the world's neighbourhood cop, since that is a position of trust, not power. It doesn't surprise, then, that there's quite a difference between how the rest of the world sees what it's done and the stellar job it itself thinks it has done.

  • Are you surprised? (Score:5, Insightful)

    by gstoddart ( 321705 ) on Monday July 15, 2013 @07:24AM (#44282973) Homepage

    If you demonstrate that your industry is an arm of state surveillance, why would you be surprised that when this is revealed people stop trusting you?

    Every other country in the world now more or less has to assume that these American companies can (and will) provide their data for US national intelligence -- at which point the logical choice is to stop using those US companies.

    Much like if companies from another country were found to be enabling widespread spying on US citizens, there would be outcry in the US and backlash.

    I don't see why anybody should be surprised that if you undermine trust, there will be consequences.

    Some of these companies were already very casual with what they were collecting (eg Google and the wifi passwords when doing Street View). If they were likely handing this kind of stuff over to the US government, even less so.

    Once damaged, trust is a very difficult thing to get back. If Google and everyone else though they were under scrutiny for their privacy policies before, then they should really expect a lot more of it.

    • It is called "blowback". No surprise there.

    • If you demonstrate that your industry is an arm of state surveillance, why would you be surprised that when this is revealed people stop trusting you?

      No one is surprised, and suggesting otherwise is disingenuous douchebaggery. Just as when a slashdot headline is a question the answer is no, so too is the answer no when a comment title asks one.

      I don't see why anybody should be surprised that if you undermine trust, there will be consequences.

      I can't even figure out on what specious basis you're claiming that people are surprised.

      • by gstoddart ( 321705 ) on Monday July 15, 2013 @08:07AM (#44283285) Homepage

        I can't even figure out on what specious basis you're claiming that people are surprised.

        The entire tone of TFA is one of "what happens now". It's full of things like:

        Will tourists balk at visiting us because they fear U.S. monitoring? Will overseas business owners think twice about trading with us because they fear that their communications might be intercepted and used for commercial gain by American competitors? Most chilling of all: Will foreigners stop using the products and services of California technology and media companies â" Facebook, Google, Skype, and Apple among them â" that have been accomplices (they say unwillingly) to the federal surveillance?

        I'm not saying nobody didn't see this as a possible outcome -- but it certainly reads like now that people are realizing the potential scope of the impact they're wondering what they can do to mitigate it.

        Even before this was revealed many people were already saying that, due to the PATRIOT Act, you shouldn't be trusting these companies with your data. Now it's been confirmed. US based cloud services might suddenly find a lot of doors closed to them -- it's not a surprise in the "wow, who saw that coming?" send, but people are acting like the "what next" part is coming as a surprise.

        Hell, I'd go so far as to say that a lot of these companies should have been saying to themselves "if this ever gets out, there is a real chance of business risk". Now that it has, there is. If they didn't have a plan in place for what to do, then that's their problem.

        • I'm not saying nobody didn't see this as a possible outcome -- but it certainly reads like now that people are realizing the potential scope of the impact they're wondering what they can do to mitigate it.

          The truth, though, is that now that the scope of the impact has been publicized, corporations who already knew that data they shared with U.S. corporations was being Hoovered into the government's databases are now having to deal with the backlash from their customers.

          Hell, I'd go so far as to say that a lot of these companies should have been saying to themselves "if this ever gets out, there is a real chance of business risk". Now that it has, there is. If they didn't have a plan in place for what to do, then that's their problem.

          Exactamente.

  • Monday (Score:5, Interesting)

    by coofercat ( 719737 ) on Monday July 15, 2013 @07:25AM (#44282975) Homepage Journal

    It's a Monday, and /. is stating the bleedin' obvious.

    What's less obvious is how much NSA snooping hurts US companies. I doubt it's nearly enough to be able to call it a justification for dismantling the infrastructure.

  • by brxndxn ( 461473 ) on Monday July 15, 2013 @07:29AM (#44283001)

    Anti-terrorism is the excuse for spying. Business is the real purpose. When the countries we spy on the most can be ranked in terms of size of economy, there is no fucking way the government can keep claiming that the purpose for these spying programs is anything other than to keep the powerful people powerful.

    For example, revelations were made that we target Germany for spying. It only makes sense if you look at the size of the economies. http://www.spiegel.de/international/germany/nsa-spies-on-500-million-german-data-connections-a-908648.html [spiegel.de]

    Yes, NSA spying will hurt California's business.. and it should. Instead of giving in to the secret government's secret demands, Google, Microsoft, Apple, and everyone else should be fighting these anti-democratic efforts tooth and nail.

    • Yes, NSA spying will hurt California's business.. and it should. Instead of giving in to the secret government's secret demands, Google, Microsoft, Apple, and everyone else should be fighting these anti-democratic efforts tooth and nail.

      It's too late. IBM and Microsoft have both been in bed with government since time was time, for them anyway. Social networks and other data aggregators are also obvious allies; the aggregators can't even do what they do without government complicity.

    • I didn't see any indication that Germany was targeted more than say, France or Brazil, which tends to disprove your assertion. i.e. I didn't see a scale where amount of spying correlated to size of economy.
    • I don't entirely disagree with you, however several of the 911 hijackers, called the Hamburg Cell [wikipedia.org], did live in Germany prior the attack. This cell included 2 of the pilots, as well as ringleader Mohamed Atta.

      As to this story, in the end there is no way to entirely eliminate geopolitics from globalization. But it is a matter of degree and I agree it has got out of hand in the wake of 911, although I am really only upset about the domestic side of it.

  • Don't complain (Score:5, Interesting)

    by Cynops ( 635428 ) on Monday July 15, 2013 @07:32AM (#44283019)

    German citizen here, and one working it IT Security for almost two decades now. I have been advocating the use of strong encryption and keeping the crown jewels "in the house" to my employers and customers all the time, but managers would often not listen in order to save the odd buck on the next outsourcing deal.

    By launching and funding the spy programmes the US government has willingly accepted possibly detrimental effects on the economy.

    In my opinion it serves the US companies right that finally the time has come that companies and people all over the world actually start looking at whom they make business with. The USA have decided to spy on every single person on this planet - OK, but now don't complain that this hurts your economy. If US companies don't like what's happening then they should complain to your government and make them change things.

    A lot of trust has been destroyed, and it will take the US economy some effort to regain it. Work hard, and maybe some day in the future I will no longer advise my customers and friends to avoid US services.

    • Well, I advise my customers to avoid all foreign services, not just the USA. Whenever you send an email, it is backed up in at least 5 countries.
  • by Marrow ( 195242 ) on Monday July 15, 2013 @07:33AM (#44283027)

    We repeatedly hear that NSA is spying for industrial reasons. To give advantage to American companies. But the NYSE is full of foreign companies that are traded here. And those companies are in complex derivative markets. And the retirement portfolios of Americans. If its an truly international market now, but American companies are benefiting from the spying, then Americans are being hurt. Perhaps the difference is that foreign companies cannot contribute to politicians and political parties. Maybe that is the difference.

  • Not a bit (Score:2, Interesting)

    by PopeRatzo ( 965947 )

    There's not going to be any problem with anyone hosting anything in the US. What do you think all these lovely "trade agreements" are about?

    The NSA will promise to "partner" with friendly foreign intelligence services and it will all be one big happy family except daddy has his hand under your skirt.

    I guess the best we can hope for now is that there are some more brave whistleblowers out there who will risk their lives to keep this story front and center. And if that fails, the best we can hope for is tha

  • Are you considering not dealing with the US over concern that the NSA is spying on your communications which pass through the US? I ask because the CIA are spying on pretty much every one else internationally. Oh, and should you feel that other countries are *not* spying on your communications...well, that's the kind of naivete they're counting on so that they can expect that you won't be moving to any annoying end-to-end communication encryption any time soon.

    Have a great day!

  • I have been saying this since the Snowden releases -- because all of US products compromised by the NSA/CIA/FBI and used as spy devices, people will change the way they feel about US products and services INCLUDING communications.

    I would find it not hard to imagine that other nations would begin setting up additional/supplemental communications links across the world to avoid passing through US controlled circuits. It simply makes sense to route around the damage. And F/OSS is also looking REALLY attracti

  • This reminds of how they got Capone on income-tax evasion: it wasn't his (allegedly) serious and morally reprehensible crimes which did him in the end. Likewise, the overreach (such an understatement) of the NSA and "justice" department is now having serious consequences, not just the ones you would expect (e.g,. widespread moral outrage, constitutional crisis, shutting down and arrests). Things will change because of money, not moral outrage.

  • by odigity ( 266563 ) on Monday July 15, 2013 @08:56AM (#44283855)

    Secede. Get rid of the federal beast sucking at your throat while simulatenously choking it.

    It'll make it easier for the rest of us to do the same, and then maybe we can finally know some peace.

    • +1 - unlike most states, California could actually pull secession off. Big population, lots of industry, geographically diverse and geographically isolated. Great trade connections. Plus most of the rest of the US wishes they'd fall off the edge of the continent already.

      Good luck getting much water out of the Colorado river post secession, but that's been drying up anyway.

      If California were to secede, I would move back in a heartbeat.

  • by Bill_the_Engineer ( 772575 ) on Monday July 15, 2013 @09:24AM (#44284159)
    California's high cost of living, taxes, urban sprawl, over regulation, and bankrupt state budget is more a risk to California's business than some speculated blowback from NSA revelations.
  • Tip of the iceberg (Score:4, Interesting)

    by gmuslera ( 3436 ) on Monday July 15, 2013 @02:25PM (#44287937) Homepage Journal
    California tech industry is a lot about intellectual property.What if the world decide to dismiss US intellectual property because US dismissed the intellectual property of just everyone else?
  • European view (Score:4, Informative)

    by TheSync ( 5291 ) on Monday July 15, 2013 @03:37PM (#44288855) Journal

    I was recently at an IT conference in Geneva.

    A speaker from a large company there warned those attending (mainly from Europe) to avoid US cloud companies because of NSA spying. Not just US-based servers, but also any company with SUPPORT STAFF located in the US as well, even if the servers are located outside of the US.

    Reason 1 is the risk of private company information flowing to competitors through the NSA either officially or through corruption.

    Reason 2 is the legal risk of falling afoul of EU privacy laws by hosting in the US or with US support staff.

    That's the report from Europe folks. You can call it FUD, but it is there nonetheless.

No spitting on the Bus! Thank you, The Mgt.

Working...