James Risen and Nick Wingfield report that the extent of Silicon Valley’s cooperation with the NSA goes deeper than people realize. Max Kelley, for example, left a job as chief security officer for Facebook in 2010 and went to work for the NSA—a move “which has not previously been reported.”
The sums the N.S.A. spends in Silicon Valley are classified, as is the agency’s total budget, which independent analysts say is $8 billion to $10 billion a year.
Despite the companies’ assertions that they cooperate with the agency only when legally compelled, current and former industry officials say the companies sometimes secretly put together teams of in-house experts to find ways to cooperate more completely with the N.S.A. and to make their customers’ information more accessible to the agency. The companies do so, the officials say, because they want to control the process themselves. They are also under subtle but powerful pressure from the N.S.A. to make access easier.
Once again, I think it’s worth emphasizing the international trade aspects of this. In principle at least, Americans’ communications are supposed to have some legal and constitutional protections. But U.S.-based high-tech companies have lots of foreign customers. Those customers lack the legal and constitutional protections that Americans enjoy. Consequently, the fact that American high-tech companies have so many foreign customers is a huge source of strategic advantage to the American intelligence community. But these revelations of deep ties between the companies and American intelligence are now a source of commercial weakness.
After all, imagine what would happen if we found out that the vast majority of manufactured goods have secret surveillance devices embedded within them that are controlled by the People’s Republic of China Ministry of State Security. That’d certainly lead to a rethinking of the basic case for free-ish trade between the U.S. and China. By the same token, there was already a pre-existing political controversy in Europe about the possible need for tougher regulation of tech companies’ handling of their users’ data. A month ago, I would have said that the would-be regulators would be a little bit ridiculous and I think that was also the perception at elite levels in Europe. But it’s now clear that there’s nothing ridiculous about it. If you’re Dutch or German or Italian or Brazilian or Indian you want your government to step in and do something to make sure our government isn’t gaining access to all your emails and then spreading them around to a sprawling cast of thousands of operatives and contractors.