Shareholder sues IBM for hiding Snowden slowdown in China

An IBM shareholder has sued Big Blue over claims it hid the impact of the National Security Agency’s surveillance program PRISM on its sales in China.

The suit comes from the Louisiana Sheriff’s Pension and Relief Fund, which has accused IBM of concealing a risk to investors stemming from the NSA’s PRISM and IBM’s support of a bill in the US that would allow it to “share its customers’ personal data — including data regarding the Company’s customers in China — with the US National Security Agency”.

The bill it refers to is the Cyber Intelligence Sharing and Protection Act (CISPA), which hasn’t been passed, but was opposed by privacy groups and geared towards the exchange of cyber threat information between US intelligence agencies and private companies.

The suit claims IBM’s association with the NSA through that bill and documents released by Edward Snowden in June, which linked all major US tech companies to its surveillance program, warranted an immediate disclosure from IBM of a “material risk” to investors.

“Upon the revelation of Prism… IBM knew that the government of China would not tolerate the company’s cooperation with the NSA, and would prohibit businesses and government agencies in China from purchasing IBM products,” the complaint reads.

However, it claimed investors only became aware of the impact at IBM’s Q3 earnings — the quarter after Snowden’s initial leaks — where it reported a 22 per cent decline in sales in China from the prior quarter. After its earnings update, IBM’s share price fell $186.76 to $173.83.

IBM said the lawsuit advances a “wild conspiracy theory” that confuses IBM’s support of Cyber Intelligence Sharing and Protection Act (CISPA) with the unrelated NSA PRISM program.

“This bill [CISPA] does not refer to China, and it does not authorize government surveillance, facts that the plaintiff and its attorneys could have easily determined had they bothered to do the slightest fact checking,” IBM said in a statement.

“Starting from this fictitious connection between CISPA and PRISM, the complaint proceeds to make numerous specious and false accusations, and IBM calls upon the law firm that filed this action to do the right thing and dismiss this action immediately. To fail to do so is a profound disservice to the judicial system, to the public, and in this case, to IBM.”

The suit follows a warning in November by Cisco that an expected fall in revenues by as much as 10 per cent could in part be attributed to a backlash in China over US surveillance.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Copyright © 2013 IDG Communications, Inc.

The 10 most powerful cybersecurity companies