Participants hold up images of former NSA analyst Edward Snowden at an April conference on the future of Internet governance in Sao Paulo, Brazil.
This week marks the one-year anniversary of the Snowden revelations. Whatever you may think about Edward Snowden the man — is he a traitor or a hero? — one fact is indisputable. His leaks shook the U.S. technology industry to its core. And the reverberations keep on coming.
Take Cisco. The Silicon Valley giant is now at risk of losing its once-stellar reputation with foreign customers — at the exact same moment it needs to grow abroad.
Security Worries For The Cloud
Cisco is one of the companies that connect us to the cloud, by making routers and switches. About half of its business is abroad, and every year Cisco throws an event for its customers.
The latest one was a concert by rock legend Lenny Kravitz. He performed at AT&T Park in San Francisco and, between the crowd's cheers, he complained about the weather. "It's cold here. I live in the Bahamas."
Many in the audience came from much farther away. In fact, 25,000 high-powered executives from around the world flew into town. To keep growing, Cisco needs the trust of these foreign customers. The Snowden revelations don't help.
Take one man I randomly bump into, Elly Resende from Brazil. He is responsible for the technology for staging the 2016 Olympic Games in Rio. He's the kind of guy who dives headfirst into the newest gadgets and gear. "I'm like a freak with ... I like technology a lot," he says.
But this past year, he hit the brakes on a hot trend: cloud computing. That's when you put data online, in servers that can be outside your own country.
Cisco provides cloud services and was putting them on display prominently at the conference. Resende is a client who is skeptical. While he likes the convenience of accessing data from anywhere, he's worried about security — especially with data that is valuable to the competition, like athletes' training results.
"This is a concern especially after the Snowden thing," he says. "How do you guarantee that your data is accessed only by you? Who else has the same access to the information that you produce, you think you control?"
Plenty Of Questions From Customers
Cisco hears such concerns all over the world.
"I think it's been pretty universal outside of the U.S.," says Christopher Young, Cisco senior vice president of security. "So you can go to Latin America, you can go to Europe, to Asia, and there's many examples of customers asking those questions."
The very first Snowden revelation — which was about the National Security Agency spying on phone calls — did not rock the high-tech industry. But the news bomb that came one day later, about a program called PRISM, did. The U.S. was tapping directly into the central servers of nine leading Internet companies including Microsoft, Yahoo, Google, Facebook and Apple.
The journalist who broke the Snowden story, Glenn Greenwald, published a picture of a Cisco router allegedly intercepted in the mail, taken out of the box and tampered with by the NSA.
No Place to Hide / Metropolitan Books
Suddenly cloud computing could be a platform for mass surveillance. American tech companies could be working hand-in-hand with their government, and foreign clients would not get the memo.
Young says the revelations have shaken customer confidence: "People say, 'Hey, we've known Cisco for a long time. We know we trust you guys. But given what's going on, how much can we really trust you?' "
The answer is a moving target because the revelations keep on coming. Recently Cisco got caught in the cross hairs. The journalist who broke the Snowden story, Glenn Greenwald, published a picture of a Cisco router allegedly intercepted in the mail, taken out of the box and tampered with by the NSA.
Another progressive journalist, Amy Goodman, asked Greenwald about it on her show Democracy Now: "So they get the Cisco router — with the knowledge or without the knowledge of Cisco?"
Greenwald responded, "It's unclear."
'More Shoes To Drop?'
Cisco says it was not aware of its routers being hacked. And CEO John Chambers wrote an open letter to President Obama, telling him that the actions, if true, "undermine confidence in our industry." Chambers also urged standards of conduct that meet national security objectives without jeopardizing business interests.
It's not every day that an industry in hypergrowth loses trust with its customers in a big way.
Andrew Bartels, with Forrester Research, studies cloud computing. "At this point, we don't know which direction it's going to take," he says. "Is everything out? Or [are] there still more shoes to drop?"
By his estimate, a sector that hardly existed five years ago will be worth $191 billion by 2020. But that big number, he says, hides the rates at which different countries are moving to the cloud, and new resistance to that move.
"You found in Europe, Germany in particular, companies putting those plans on the shelf because of the privacy issues," Bartels says. According to a study by German high-tech association Bitkom, cloud use grew just 3 percent in 2013, compared with a 9 percent increase in 2012.
When Brazilian President Dilma Rousseff found out her emails were monitored by the NSA, she called for an end to the unquestioned use of U.S.-based servers. Bartels says, "That in turn has cascaded through the Brazilian government, which does still own a certain large portion of the economy."
And businesses are realizing that cloud computing exposes them to new levels of domestic spying, Bartels says. "In markets like China or like Russia, I think the issue here is concerns in the private sector about giving business information to the government," he says.
In this messy landscape, Cisco is losing ground. In its last quarterly earnings call, the company reported that orders from emerging countries fell 7 percent — down 27 percent in Brazil alone, 8 percent in China and 28 percent in Russia.
The company and its Silicon Valley competitors are now retooling services, trying to rebuild trust — or offer more secure products.
Tune in to All Things Considered this afternoon for a report on a capitalist who has made a killing since the Snowden revelations.
Correction June 5, 2014
A previous version of this story incorrectly linked to a spoof NSA site. While the director of national intelligence acknowledges the PRISM program, the NSA does not describe it as a leading form of intelligence.