Following in the footsteps of Amazon, Google and Microsoft IBM put out a blog post responding to questions over government access to user data. In it, Robert C. Weber IBM Senior Vice President, Legal and Regulatory Affairs, and General Counsel deals with rumors that IBM hardware is compromised by the NSA and the company’s plan for responding to requests for data.
Weber says point blank that IBM has not given any data to the NSA, nor does it have “backdoors” in hardware which would allow the NSA to get data itself. The notable points of the post include critical distinctions between IBM and companies that provide both hardware and software like Microsoft. Specifically that the to the extent that the government sought data housed on IBM hardware, that they would and should go to the specific client not IBM because IBM just provides the machines not what’s on them.
That may provide some solace to clients, but the post overall does little to address NSA backdoors beyond the initial denial. Little proof is offered to readers to show that hardware isn’t compromised.
Despite that, the company is detailed on how it views any subsequent data requests. To wit: “If the U.S. government were to serve a national security order on IBM to obtain data from an enterprise client and impose a gag order that prohibits IBM from notifying that client, IBM will take appropriate steps to challenge the gag order through judicial action or other means.”
The post also argues against policies like data localization and opaque intelligence gathering techniques. Importantly, the company also advocates for strong encryption – “Governments should not subvert commercial technologies, such as encryption, that are intended to protect business data,” Weber writes. While less fiery than the Microsoft blog posts, IBM has staked out a strong position against spying. The post is also likely an effort to bolster sales abroad which have slumped – especially in China – since the Snowden leaks.