Stories over the past several months have pointed at some of the biggest names in technology as having participated with the government to turn over access to user data. The NSA-backed PRISM project allegedly involved user data from Google, Apple, Facebook, and Microsoft. Other reports claimed that Verizon (VZ +0.66%), under the compulsion of a secret court order, had turned over months of customer call data. Now a new report reveals that the U.S. government is tapping SecureKey Technologies to allow it to issue secure online IDs to give users a single point of access to various government services and databases.
In the aftermath of what has been billed as one of the biggest invasions of privacy ever, the idea that you should trust the federal government to safeguard private information sounds absurd. From an investment perspective, particularly as we move closer and closer to the initiation of the Affordable Care Act – also known as Obamacare – the potential costs, savings, and shifting of responsibilities could prove significant. While the story has far-reaching political implications, it will have an impact on a range of companies and is worth tracking for serious investors.
The driving initiative
The driving force behind the selection of SecureKey is President Obama's National Strategy for Trusted Identities in Cyberspace, or NSTIC. In 2011, the President said that a "secure cyberspace is critical to our prosperity." The idea being pursued is to give users a single secure ID that will grant him or her access to a variety of government agencies.
Additionally, the Federal Cloud Credential Exchange, or FCXX, is designed to give a single password to users to interact with different agencies covering such topics as health benefits, student loan data, and retirement information. One of the ideas behind the program is to keep the actual identities of users confidential from the agency, the third-party vendor, and anyone wishing to snoop. Of course, in light of the recent alleged NSA activities, the idea of storing health and financial data under one password should give us all pause.
The Verizon case
To put some of these security issue in context, the Verizon case is instructive. In response to the barrage of bad press, the company issued a release in which it highlighted that if such a court order had existed, it would have compelled the company to release information, and it would have required that the company make no disclosure that the order ever existed. In other words, Verizon wanted to tell the world without explicitly violating the requirement of secrecy that it was forced to comply and keep quiet about it. Ultimately, what the Verizon case -- and PRISM -- demonstrate is that consumer data is subject to government discovery without disclosure.
Investment implications
While it is unlikely that a shift to SecureKey will have a direct impact on any of the tech and telecom companies that have been implicated in the NSA leaks over the past several months, there's potential for it to impact the bottom lines of those companies that deal directly with the government on a regular basis. For example, a study by the National Institute of Standards and technology estimates that the IRS could save $40 million to $111 million in set-up costs, and $2 million to $19 million annually. The IRS typically deals with people only once per year. Companies that will need to interact with the government for health care exchanges under Obamacare stand to save even more.
To be clear, the selection of SecureKey by the USPS has yet to be rolled out on a large scale basis, and no link to Obamacare has yet been made, but the conclusion is not unreasonable. Beyond protection your own privacy, investors will want to see how this system is adapted because it could impact countless companies.
