On the government policy front, IBM has described data localization requirements by countries as short-sighted policies, that "do little to improve security but distort markets and lend themselves to protectionist tendencies." Governments should also not subvert commercial technologies, such as encryption, that are intended to protect business data, the company said in what appears to be a reference to reports that the NSA has been attempting to circumvent encryption technologies.
Other tech companies have also tried to reassure their customers in the wake of the Snowden disclosures. Microsoft told business and government customers worldwide in December that it is committed to informing them of legal orders related to their data, and will fight in court any 'gag order' that prevents it from sharing such information with customers. The company also plans to encrypt customers' information moving between its data centers, with plans to complete the project by the end of 2014.
Yahoo and Google have also announced strengthening encryption of their services.
IBM said its letter was in response to customer questions on how best to secure their data, where to locate it, and how the company would respond should governments request access. It was also a matter of interest to its employees, partners and shareholders, Weber wrote.
In December, the Louisiana Sheriffs' Pension and Relief Fund sued IBM in a district court in New York, claiming that it failed to inform investors that sales in China would slow after disclosures that IBM was cooperating with the NSA spying program. Weber said at the time the suit was "pushing a wild conspiracy theory." IBM had attributed a drop in hardware sales in the third quarter partly to delayed procurement by Chinese government agencies while the local government framed a new economic policy.