For U.S. cloud computing companies that have long been fighting to defend the privacy protections involving data stored in their servers or passing over their networks, the ongoing revelations about the extent of the NSA's surveillance activities could carry a huge price tag.
For years, in markets such as Western Europe, cloud providers like Google and Microsoft have been trying to beat back concerns voiced by would-be customers -- and stoked by competitors and governments -- that the Patriot Act and other laws render data stored with American firms readily accessible to the U.S. government.
[ Also on InfoWorld: The anti-RSA conference: More security, less NSA. | For quick, smart takes on the news you'll be talking about, check out InfoWorld TechBrief -- subscribe today. | Find out what topics and issues affect tech's biggest names and news makers in the IDGE Insider CEO interview series. | Read Bill Snyder's Tech's Bottom Line blog for what the key business trends mean to you. ]
But the protectionist policies that some countries were pursuing -- restricting cross-border data flows or requiring local hosting, for instance -- had been a nuisance, but they didn't seem pervasive enough to challenge U.S. hegemony in the cloud sector.
The equation began to change dramatically last June, when media outlets first began reporting on widespread electronic surveillance programs at the NSA, Daniel Castro, a senior analyst with the Information Technology and Innovation Foundation, said Tuesday at a policy discussion on the fallout of the disclosures of former government contractor Edward Snowden.
[ Related: A Look at the Fallout From the 2013 Snowden Leaks ]
"Then the revelations come and people start saying, 'Well, what's going to happen?'" Castro says. "Everyone's angry and they start saying, 'Can we trust the United States? Can we trust the United States with our data?' We've had these conversations before, especially around the Patriot Act. We knew that other countries have been using this argument for a long time, but suddenly they had a trump card. Suddenly they had something very clear to point to and say, 'This is why you shouldn't use Google. This is why you shouldn't use whatever -- any U.S. company -- insert the name there.'"
Castro is the author of a widely cited report that attempted to quantify the revenues U.S. cloud companies stand to lose in foreign markets if the White House or Congress does not take dramatic steps to rein in the NSA's intelligence operations. Castro pegged the potential revenue losses at between $22 billion and $35 billion over the next three years, estimates that he called "conservative" on Tuesday.
"Repeatedly we see companies saying we're the ones out there on the front lines defending this," Castro said. "U.S. companies can't solve this problem, and that's the biggest challenge right now."
Tech firms battle back against NSA
But some of the firms most affected have been fighting back. Many of the leading companies in the tech sector have mobilized their legal and policy teams in response to the NSA revelations.