One year after former NSA contractor-turned-whistleblower Edward Snowden rocked intelligence agencies and IT service providers alike with his leaks of broad government surveillance efforts, major tech companies like Microsoft and Google are taking up the mantle of privacy in the internet age.
On the anniversary of the Snowden disclosures, Microsoft's general counsel Brad Smith took to the company's blog to issue a stern rebuke to the American spy agencies: stop hacking our datacentres.
"The US government needs to address important unfinished business to reduce the technology trust deficit it has created," wrote Smith. "It's now apparent that the government intercepted data in transit across the internet and hacked links between company datacentres. People have real questions and concerns about how their data is protected.
"These concerns have real implications for cloud adoption. After all, people won't use technology they don't trust," Smith said.
The comments from Microsoft's top lawyer come as fears raised by the Snowden leaks in particular continue to have broad repercussions in the IT industry and pushing potential customers to rethink their cloud computing deployment plans amid security and privacy concerns, according to a new survey.
Research by the Cloud Security Alliance late last year indicates growing reluctance to engage cloud services providers. That reluctance is acute among organisations outside the US who've become increasingly doubtful of the integrity of datacentre assets housed in the US since the NSA scandal.
The survey found 56 per cent of businesses based outside the US are less likely to use US-based cloud providers as a result of the Snowden affair. Some 10 per cent say they'd already cancelled a project with a US-based cloud provider.
Smith lays out five suggestions for the government to help repair the damage wrought by the deterioration of trust in US technology systems including confining US search warrant powers to entities within US borders, ending bulk collection of phone and internet data, reforming the FISA court, improving government transparency on data collection efforts and, most strongly, ceasing government hacking of datacenres and communications cables.
To the last point: "Shouldn't a government that prosecutes foreigners who hack into US companies stop its own employees from hacking into such businesses?" Smith asked, rhetorically. "Why must we continue to wait for an assurance on this issue?"
More than just an academic discussion, Microsoft has taken real action to address customers' concerns in the post-Snowden era. The company took pains this week to explain the safeguards it has put in place to keep client data secure and private in its Office 365 services through prudent application of rights management and user-based access control.
Microsoft calls the Office 365 protection schema "lockbox" which is as good a name as any, we suppose, for what should be table stakes in the world of cloud applications and storage assets that involve critical business data.
So too have companies such as Google, which took the significant step this week of releasing a beta version of tools designed to keep Gmail communications fully encrypted between end users with no decryption in transit. That puts a serious spike in Google's ability to monetise its free e-mail service by putting traffic in the clear in order to insert ads, but the desire to protect users' privacy trumped the business concerns at present, Google officials said.
Both Microsoft and Facebook have also taken steps to encrypt internal traffic in the wake of the NSA scandal. A number of the major vendors have been vexed and embarrassed by the Snowden leaks, which included indications that US-based technology companies have cooperated with the government in their data collection and surveillance efforts.
The tide is changing on that front, however. This week a group of tech heavyweights including Microsoft, Facebook and Google as well as Apple, AOL, Dropbox, LinkedIn, Twitter and Yahoo, formed a coalition called Reform Government Surveillance which took out full-page ads in newspapers nationwide to insist that governments curtail their largely unchecked data collection efforts.
"We understand that governments have a duty to protect their citizens. But the balance in many countries has tipped too far in favour of the state and away from the rights of the individual," reads a letter signed by the CEOs of the nine member companies. "This undermines the freedoms we all cherish, and it must change.
"It is in the best interest of the US to resolve these issues. Confidence in the internet, both in the US and internationally, has been badly damaged over the last year."
As part of our special editorial partnership, CRN is publishing this article from Channelnomcs.
Telco also announced series of initiatives to drive digital growth in the UK
Nana Baffour opens up on Getronics' mammoth acquisition of Pomeroy
Analyst predicts SaaS will remain the dominant segment in the market as it grows 17 per cent in 2019
NSS Labs claims vendors are refusing to have their products tested effectively and are trying to restrict its access