Most companies try to extract commercially valuable information from their competitors’ communications. Thus, executives need to be aware that all the information shared outside the organization, including marketing material, can be used to generate competitive intelligence. Already in 2000, Thomas Donahue, President of the US Chamber of Commerce, drew attention to the cost of industrial espionage: “There is no challenge more ominous to global business competitiveness than economic espionage. Espionage is a growing threat… estimated at $2 billion a month.” 8 years later PwC, a professional services firm, reported: “Espionage costs top 1000 companies $45 billion per annum. Corporate spying has doubled in the past 10 years.” The financial damage will increase even further due to cybercrime. As Juniper Research forecasts, the cost of data breaches will reach $2.1 trillion globally by 2019, increasing to almost four times the 2015 cost estimate. The average cost of a data breach will exceed $150 million by 2020, as the digitization of business infrastructure progresses.
“I’ll spy on you till death do us part”
In 2014, the US National Public Radio (NPR) surveyed 70 domestic violence shelters across the country. 85% were working directly with victims who had been tracked using GPS. 75% provided shelter for victims who had been eavesdropped through hidden mobile apps. Almost half of them prohibited using Facebook on their premises as they were concerned that stalkers could pinpoint their exact location.
These findings confirm that cyberstalking is very common. Most likely, it will increase even further as more companies are developing or already selling spyware with more advanced monitoring features. Some of them are advertising it like any other must-have product, especially targeting customers who want to better monitor the online (mobile) activity, communication and movements of their spouses (hence the term spouseware), or even making moral implications in their marketing material. On its website, one spyware provider promotes its product like that: “If you’re in a committed relationship, responsible for a child, or manage an employee, you have a right to know. Find out the truth, spy on their phone.” What is interesting in this ad is the explicit encouragement to spy on a partner justifying it with the right to know the truth. It also covers employees, thus suggesting that the spyware is suitable for other contexts as well.
Spyware that first appears in the form of a text message with a link has been on the market for the past few years. It is a ‘user-friendly’ product: if a message receiver clicks on the link, their phone starts leaking personal information to a third party, the actual product user. This kind of spyware has attracted a lot of interest from state agencies once it became more affordable. More countries are willing to spend a few hundred thousand dollars to access the information they need, says Eva Galperin, Director of Cybersecurity at the Electronic Frontier Foundation, a digital rights NGO.
Despite the fact that the providers of this kind of spyware insist that it should be used only for legal purposes like fighting crime and terrorism, security researchers and civil liberties groups argue that it is not always the case. According to them, some governments use it to track human rights activists, journalists and other individuals who stand on their way.
The sales of surveillance spyware have increased, says Mike Murray, Vice President of Security Intelligence at Lookout, a mobile security firm. He also observes a trend: countries that cannot develop their own software can easily buy it, and many of them do.
Mistrust as a business opportunity
The disclosure of the mass surveillance programmes run by the US National Security Agency (NSA) by its former employee Edward Snowden has challenged the market position of US web services. Some analysts forecast billions in losses in overseas markets, especially in Europe, as more tech consumers have become concerned about their privacy and data security. “The Snowden leaks have painted a U.S.-centric Internet infrastructure, and now people are looking for alternatives,” says James Lewis, Director of the Strategic Technologies Program at the Center for Strategic and International Studies.
Consumer mistrust is also seen as a new business opportunity. For example, some Swiss entrepreneurs have set up a server farm in an old bunker with the aim of creating ‘a hub for advanced security technology’. Switzerland’s privacy laws and culture make it even a more attractive and feasible venture. Lewis believes that this kind of tech initiatives challenge the US lead in web services like remote data storage. “It hasn’t been long enough to know if the economic effects are trivial or serious, but the emergence of foreign competitors is a sign that it’s serious,” he notes.