updated 04:17 pm EDT, Fri July 26, 2013
Overseas companies react to NSA program
The National Security Agency's PRISM surveillance program is reportedly driving business away from cloud service providers based in the US, according to a survey published by Cloud Security Alliance. The industry organization found that more than half of non-US respondents claimed to be less likely to use US-based cloud providers due to the surveillance revelations, while 10 percent claimed to have already canceled an existing project plan to use US-based cloud providers.
Nearly a third of non-US respondents suggest Edward Snowden's leaks will have no impact on their plans to use US-based cloud providers. Interestingly, three percent of the same group claim to be more likely to use US-based cloud providers after learning of the PRISM program.
Notably, an overwhelming majority of the 438 respondents, including US and international companies, believe that companies subpoenaed through provisions of the Patriot Act should be allowed to publish summary information about the number of responses they have made to the US government.
The NSA's PRISM program reportedly collects a broad range of usage data from the internal servers of major tech companies based in the US. Material obtained by the agency is said to include text documents such as e-mails, along with other private content such as video chats, audio files and photographs.
Most of the attention has focused on the involvement of industry giants such as Apple, Google and Microsoft, however the program is also believed to extend to many of the smaller service providers. Despite the program's exposure, the total volume and scope of collected data remains unclear.
Snowden's leaks does not appear to come as a surprise to some companies. Several years ago, the CIO of a major Canadian healthcare organization reportedly told Ars Technica that his company was not considering US cloud providers due to an assumption that the NSA would have access to patient records transferred between countries.
A coalition of companies and organizations is pushing the US government to provide more transparency for communications surveillance monitoring. The group suggests basic information regarding the data-collection programs should be made public, enabling the American people to have an "informed public debate."