10/25/2013 05:43 pm ET Updated Dec 25, 2013

Private Sector Paying Price for Government Privacy Follies

By now, many Americans are aware of the data surveillance practices that the National Security Administration has engaged in. Whether it's your phone records, who you're emailing or what you are Googling, Americans are now aware that what we once assumed was private is not. There are apparently no "A and B" conversations. The NSA is not "C-ing" its way out.

While much of this has impacted the individual expectation of privacy here in the United States, we are starting to see the ramifications unfold internationally for U.S.-based Internet and telecommunications companies. While foreign governments may be wagging their finger at the United States for their navigation of private information beyond sovereign borders, many American companies, particularly in the technology sector, may end up paying the price for our own sovereign's transgressions.

It starts with the European Union. The movement to enhance the existing Data Protection Regulation in the EU has found new life. The EU is in the process of strengthening its digital data privacy laws, the far-reaching effects of which will be felt by any U.S. company doing business in the EU. The latest move toward implementation of the new legislation occurred in late October 2013, when the European Parliament approved certain amendments to the current draft of the legislation. If passed, these amendments will further strengthen online data privacy and severely restrict the transfer of EU citizens' personal data to non-EU countries.

Brazil is leading a charge to protect its own citizens' personal data by debating regulation that would require Internet data on Brazilians to be stored in Brazil. Many technology companies are fervently pleading with Brazilian legislators to avoid taking such measures since much data storage for tech companies, particularly startups, is hosted on servers within the United States or abroad.

With France and Mexico also having been recently offended by the prying eye of the NSA, we may see further movement in these jurisdictions aimed at curbing the reach of American agencies as well as the ability of American companies to operate and manage data abroad.

The data blowback we are seeing may just be the beginning. As the breadth of the NSA's practices comes to light, we face a grand challenge for Internet companies trying to connect the world through applications whose real promise is often times found through bringing people together virtually across borders.