- The Washington Times - Wednesday, August 7, 2013

MUNICH - The fallout from the NSA spying scandal could create major headaches for new U.S. Trade Representative Michael Froman as he tries to move forward with an ambitious trade deal with the European Union.

German companies are more concerned about industrial espionage from U.S. competitors than they are about the prospect of National Security Agency and other U.S. intelligence agencies eavesdropping on their conversations, a study finds.

German executives say the American business community poses a higher risk for industrial espionage and data theft than even Russia, and is on par with concerns about China, according to a report from the accounting giant Ernst & Young.

The survey results were released as U.S. trade negotiators barely began talks on President Obama’s proposed Transatlantic Trade and Investment Partnership (TTIP), designed to open markets further in the United States and the 28-nation EU. The two sides have announced a tentative goal of reaching at least a preliminary agreement by November 2014.

A first session of the negotiations was held in Washington last month, despite a call from France that they be delayed over reports that the NSA data-gathering extended to several U.S. allies. To avoid further delay, U.S. and European officials reportedly held a separate, private session at the Department of Justice to go over the NSA programs.

But the uneasiness over the NSA intelligence activities is clearly not limited to government officials in Europe.

“Until now, [German companies] mostly identified China and Russia as the location of [potential] attackers,” said Bodo Meseke, head of forensic technology and discovery services at Ernst & Young. “Now, companies need to realize that Western intelligence agencies carry out very extensive monitoring measures.”

Jason Healey, director of cyber statecraft initiatives at the Atlantic Council, said he feared the spying revelations will be a stumbling block that slows down negotiations like “sand in the gears.”

“Even if the negotiators can put this behind them, national legislators may feel compelled to criticize the treaty if their electorates are still stirred up, especially if new revelations emerge,” he said.

The Ernst & Young report, “Data Theft: New Challenges for German Companies,” features responses from executives at 400 German companies. It found that 26 percent of German senior management, information technology and security professionals believe the U.S. poses an increased risk to their companies.

That is second only to the 28 percent of survey respondents who cited China as the biggest risk.

The number of Germans who fear their U.S. competitors are spying on them has more than quadrupled since the survey was last conducted two years ago — a clear sign of the impact of revelations by Edward Snowden, the former NSA contractor who received temporary asylum from Russia.

Sensing these concerns, Germany’s top security official last month warned Internet users in his country not to visit popular American websites such as Google and Facebook if they are concerned that their private data might be collected.

“Whoever fears their communication is being intercepted in any way should use services that don’t go through American servers,” German Interior Minister Hans-Peter Friedrich told reporters at the time.

The U.S.-EU deal is expected to seek more open markets in farm products, cross-border investment and financial services, while “harmonizing” the two blocs’ rules on intellectual property rights and business regulation.

One of the sticking points for U.S. trade negotiators will be persuading the EU to allow companies to move data back and forth from their overseas operations to the U.S.

Europe was hesitant about such data transfers even before the NSA reports were published.

Bitkom, a German trade association for the information technology, telecommunications and new media industries, is pushing for the EU to place more emphasis on digital issues, such as data protection, during trade talks with the U.S.

“It is necessary to ensure that an adequate level of data protection is not only required but is also enforced,” Bitkom President Dieter Kempf said on the organization’s website.

The issue doesn’t appear to be going away anytime soon.

“The issue of data theft and industrial espionage will remain on the agenda” for a while, Mr. Meseke said.