Last month, Silicon Valley purported to be shocked by revelations that the National Security Agency (NSA) has routinely accessed the servers of tech giants Google and Yahoo, which store data for hundreds of millions of users. In response, the companies pledged to step up privacy protections.
There is only one problem: Such protections run counter to the business model and public policy agenda that tech companies have pursued for decades. For years, U.S. information technology (IT) firms have actively backed weak privacy rules that let them collect massive amounts of personal data. The strategy enabled the companies to work their way into every corner of consumers’ lives and gave them a competitive edge internationally. Those same policies, however, have come back to haunt IT firms. Lax rules created fertile ground for NSA snooping. In the wake of the surveillance scandals, as consumer confidence plummets, technology companies’ economic futures are threatened.
Since the 1990s, companies from Google to Yahoo and Microsoft have done their best to ward off national privacy rules, calling instead for self-regulation. Early attempts to pass privacy laws, such as the Online Privacy Protection Act in 2000, died thanks to lobbying by the Direct Marketing Association and the
All rights reserved. To request permission to distribute or reprint this article, please visit ForeignAffairs.com/Permissions.