No phone, no problem: NSA will target the cloud instead

As of last week, the National Security Agency can no longer cull through Americans’ phone records, but it can continue to eavesdrop on our emails, video chats, and documents. The NSA can keep metadata already collected until Feb. 29, 2016, and your phone data will continue to be collected by telecom companies.

But the fact that phone records can no longer be easily searched is nearly meaningless to the world of cloud computing. If the data is still up for grabs — and it is — then we’re likely to have the same concerns we did before the USA Freedom Act that curtailed some of the NSA’s activities last week.

In fact, we should be more concerned because there will likely be a shift of focus in the NSA from phone records to data.

After all, the NSA is still amassing vast amounts of personal data about U.S. citizens. The agency continues to harvest bulk communications from the Internet and social media under PRISM. PRISM allows the NSA and FBI to tap into the servers of leading U.S. Internet companies like Microsoft, Google, and Facebook to extract audio and video chats, photographs, emails, documents, and connection logs, according to documents obtained by the Washington Post.

That said, for most of people who use the cloud, the risk seems low that they will suffer harm from the expanded spying on data. U.S. companies already know the government will likely troll their customers’ data at some point, and they’ve built it into their operations and disclosures.

In the United States, the attitude is there’s little consequence to letting the government monitor their customers’ use of public cloud and hosting services. As long as it’s the government, not criminals intent on stealing data, there is not much of a risk, right?

Companies outside of the United States disagree strongly with that attitude. Spying is spying, no matter who does it, and many governments have a history of abusing such powers. Even when companies — in the United States or not — are OK with their government spying in the name of security, they are repelled by the thought that a foreign government might page through customer and sales data, looking for bad guys or who knows what (industrial espionage, for example).

As a result, some countries already have laws on the books that make it illegal for certain types of corporate data to be stored outside their borders. The current wave of government efforts to increase surveillance as a result of fear of terrorism is likely to make matters worse.

Whatever it may do for security, this surveillance and the concurrent attempts to keep data within individual borders will hinder the growth of the public cloud by billions of dollars over the next five years. What a waste.