NSA Fallout in Europe Boosts Alternatives to GoogleCornelius Rahn, Marie Mawad and Claudia Rach
During its first four years, Berlin-based Posteo e.K. struggled to find customers for its secure e-mail service. That changed in June, when U.S. National Security Agency contractor Edward Snowden revealed that his former employer monitored phones and e-mails worldwide. In the past six months, Posteo has tripled the subscribers of its 1-euro-per-month ($1.37) encryption service, to more than 30,000.
“The NSA reports were the final straw,” said Daniel Hundmaier, a 42-year-old communications officer in Berlin who switched to Posteo, stopped using Google Inc.’s search engine, and changed the operating system on his phone.
As European consumers like Hundmaier focus more on Internet privacy, they’re avoiding the likes of Google, Amazon.com Inc. and Yahoo! Inc. Phone operators such as Vodafone Group Plc and Orange SA and providers of Internet computing services like Deutsche Telekom AG’s T-Systems have started stressing that stricter European laws on privacy make the region a safer place to store client data.
The shift has created a windfall for privacy-focused startups and small companies that promise enhanced security. Shares of S&T, a computer services company from Linz, Austria, attributed growth of almost 50 percent in orders this year to increased concerns over data security among customers. German systems integrator Cancom SE says its operating profit climbed 18 percent in the third quarter, largely due to fallout from the NSA scandal. Its shares have jumped 69 percent since June 1.
“Made in Germany is high in demand,” said Klaus Weinmann, chief executive officer of Cancom, based in Jettingen-Scheppach, a market town 100 km (62 miles) west of Munich.
This week, a U.S. federal judge ruled that the NSA probably acted illegally in collecting telephone-call data, allowing a lawsuit claiming the practice violates the U.S. Constitution to go forward. U.S. District Judge Richard Leon in Washington said the plaintiffs would probably prevail at trial on their claim that the right to privacy outweighs the government’s need to gather and analyze the information.
While the Sept. 11 terrorist attacks galvanized U.S. public support for data collection by law enforcement and intelligence organizations, memories of life under Nazi or Communist rule has helped spur deeper concerns about privacy among European citizens and institutions -- particularly in Germany. A poll published last month by the German Marshall Fund of the United States found that 72 percent of Germans say governments shouldn’t collect phone and Web data on citizens of allied countries, versus 44 percent of Americans.
$35 Billion Lost
Whereas U.S. encrypted e-mail provider Lavabit shut down after the FBI demanded access to its encryption keys, and American peer Silent Circle ended a similar service as a preventive measure, privacy legislation in Europe helps companies like Posteo win wary consumers.
“Our goal is to gather as little data as possible,” said Posteo founder Patrik Loehr. “It’s quite amazing how much demand that approach has generated over the past weeks and months, even from non-German clients.”
International outrage over NSA surveillance may cost U.S. companies as much as $35 billion in lost revenue through 2016, according to the Information Technology & Innovation Foundation, a policy research group in Washington whose board includes representatives of companies such as International Business Machines Corp. and Intel Corp.
Google declined to comment but noted that a company representative cited the ITIF report in testimony at a Senate hearing last month. Microsoft and Yahoo declined to comment. Amazon didn’t respond to a request for comment.
Akamai Technologies Inc., which operates servers across the globe to accelerate the shipment of Internet content, will probably lose some business in Germany because of “anti-American corporate sentiment,” Chief Executive Officer Tom Leighton said last month.
Deutsche Telekom has promoted a service that guarantees data will be stored in Germany, saying that can protect customers from access by U.S. authorities. France’s Orange last month said it’s increasing its focus on privacy and has pledged to be more transparent with customers about where their data is stored and how it’s transmitted.
French computer services company Atos, a rival to IBM, says more customers are asking what country their data will be stored in these days, and having servers in markets across Europe helps alleviate their worries.
“We can’t visit a bank or insurance company today that doesn’t see data protection” as a top concern, said Atos Senior Executive Vice-President Gilles Grapinet.
Some companies are choosing an even more cautious route: A return to analog ways. Several of the 14,000 members of the German Association for Small and Medium-sized Enterprises have reverted to printing documents and are confiscating mobile phones in meetings when confidential information is shared, according to Marc Tenbieg, the group’s chief.
“We’re seeing how companies are increasingly questioning the way they communicate internally,” Tenbieg said. “Do I have to send this information by e-mail? It can seem like using a megaphone.”
U.S. technology giants are starting to claw back. Microsoft this year has been running an advertising campaign centered on protecting data, citing a study that found 89 percent of U.S. consumers worry about online privacy.
The company this month also said it aims to expand encryption to safeguard user information, ramp up efforts to shield private data, and make its software code more transparent. Yahoo! and Google have announced similar initiatives to make their services more attractive to skeptics of data sharing. Mozilla Corp., whose Firefox has about 20 percent of the global Web browser market, says more users have downloaded data-privacy add-ons since the NSA scandal erupted.
Even companies poised to benefit from the growing focus on privacy acknowledge there’s only so much they can do to protect their customers since data can be inspected at many points as it travels across the Internet. Encryption, though, can at least make it harder for all but the most determined snoopers, said Thomas Gutsche, co-founder of Tutao GmbH, a Hanover-based company that sells a secure e-mail service, mostly to companies.
“There is no 100 percent security,” said Gutsche, who says hundreds of clients have signed up for the service -- far more than he had expected. “But it’s about staying ahead of the attackers. How difficult are you going to make it for them?”