How the NSA Is Killing American Small Businesses
Government snooping and the cloud-based software industry
The Small Business Web is a trade association for companies that sell cloud software to other small- and medium-size businesses. What began in 2009 right here at South by Southwest (SXSW) has grown into an organization with over 1,000 members, including companies like Constant Contact and Hootsuite.
While attending the conference this weekend I had a chance to chat with Sunir Shah, founder and president of the group (and the chief marketer at Olark, itself a cloud software company that provides a live chat tool that businesses can use to talk to customers online). He shared some thoughts about the ways the federal government, especially via National Security Agency (NSA) domestic spying, is hurting small businesses like the ones his trade association represents.
(The below transcript has been edited for clarity and length.)
Q: Tell me about the ways the federal government is affecting what Small Business Web's members are trying to accomplish.
A: A great example is the current U.S.-E.U. Safe Harbor data privacy treaty that just got blown up in October 2015 by the European Court of Justice directly in response to the Edward Snowden leaks from the NSA. And so now every U.S. company that is doing business with European customers will be asked to sign these things called "standard contractual clauses." The idea is to implement the same data privacy rights as the treaty, but it has to be signed one-on-one between each E.U. customer and each U.S. company. That's a lot of time and effort to negotiate with our customers' lawyers. And it's a very unstable environment with plenty of doubt that this patchwork system will be upheld.
These issues are so big and so annoying that it eats up a lot of time. We're in tech, so you might think of big companies like Google and Microsoft, but most tech companies are small businesses. We have no general counsel. We barely want to call a lawyer, because as soon as you spend money on a lawyer you're going to lose money on the sale. When selling to small businesses, we need to do things quickly and efficiently.
The biggest fear is that the European Union could make it illegal to do business with American companies as long as the data is stored in America. That's possibly too expensive for most of the companies in the trade association, making them unable to transact in Europe.
Q: The concern is that the NSA might gain access to the data that's being stored here?
A: That's right. At Olark where I work we take a position that we want to have the best, safest privacy policy. We have internal training all the time. We have a security team to make sure that we are treating our customer data with utmost respect and good faith and fidelity. That's just us acting as an independent company. And so you can negotiate with us, and you can sign a contract with us. The problem is that the government is an external party to every contract.
So if the government can snoop on the data of foreign customers, they become a party to those contracts, and we can't control that. We're just businesses and private individuals. We have no power over what the government does, especially on national security. But it certainly has an impact on our growth. Because you've seen it—after the leaks from Edward Snowden, the sales of American cloud companies have been reduced in Europe.
There are real economic burdens, not only on loss of sales because people are afraid and they don't trust their data is safe; not only in the operational costs of having to move the data centers to Europe; but also in the transactional costs of having to keep up with all the regulatory negotiations around things that are just way beyond the expertise of most of the companies in the trade association.
Q: If this is cutting into the bottom line of your members, why aren't they organizing to stop it?
A: We do talk about it, but government lobbying is so beyond most of our experience and expertise that we're outmatched. We don't know what to do.
It's still a very young industry, and it's not even that large. It's probably less than $10 billion globally [gross domestic product] right now in 2016 for [business-to-business] cloud software. There are certainly some giants like Google and Salesforce and Microsoft and Apple, and so most of us rely on them and hope that their counsel can fight the good fight for us.
But ultimately, there's no one standing up for our voice. The big companies can agree to an onerous legal process, because they have a legal team. We don't. And we just can't afford lose money every time we talk to a lawyer.
