On Friday, SAP issued an odd press release saying that “recent media coverage” was “flawed” and “misleading.”
The German software company was trying to stomp out a firestorm in its home country over accusations that it was somehow in bed with the NSA, and that the NSA had bought its HANA database and was using it for spying.
HANA is designed to sift through massive amounts of data really quickly, so it could be good for, say, looking at billions of cell phone records to find terrorists.
In the US, we’ve heard a steady stream of reports-and-denials from companies about their involvement, or lack of it, in the NSA snooping scandal as revealed by Edward Snowden. (The whole RSA incident in 2014 comes to mind.) That seems like business as usual to us.
An excellent report from Re/Code’s Arik Hesseldahl explained why this “we didn’t do it” press release was more than it seemed.
In Germany SAP was the subject of a couple of investigative reports last week that said SAP not only sold its HANA database to the NSA, but that it was systematically pursuing American spy agencies as customers. The German news site Zeit Online even used the headline: “SAP is Working for the N.S.A.”
There are several reasons this upset people. SAP and its billionaire co-founder Hasso Plattner are like the Microsoft and Bill Gates of Germany. He’s the eight richest person there, heavily admired and heavily scrutinized.
And for the first time, his company is being run by an American, Bill McDermott, who took over as sole CEO not even a year ago. As we previously reported, McDermott landed the office after an internal battle between the German and US factions of that company. (He now lives in Germany.)
But government spying is particularly nasty to Germans, as Hesseldahl explains:
Germany was ground zero for the Cold War. Before the reunification in 1990, people living in Communist East Germany lived in a society in which it was common to be pressured by the Stasi secret police to spy and inform on friends, neighbours and family members. The notion that benign personal information in the wrong hands might be turned against you is deeply felt across the German political spectrum.
Should SAP lose the trust of its home country and by extension Europe, particularly over its most important new product HANA, the company would be in deep trouble. Plattner recently admitted to Re/Code that if HANA and its cloud plans aren’t a success, “We’re dead. Flat-out dead.”
The press release was trying to squash the issue before people could buzz about it at CeBit, the huge tech show taking place this week in Hanover, Germany.
McDermott unequivocally says that there are no “backdoors” in SAP software that allows spies to secretly snoop on companies that buy and install HANA. But as Hesseldahl points out, SAP doesn’t actually deny that the NSA is a customer.
And it also points out that SAP can’t tell any customers, NSA or otherwise, what they can do with SAP software after they buy it.
“It would make no sense in the free market to sell someone some software and then to try and dictate what they can or can’t do with it,” he said. “The stories were wrong. But because of all the sensitivities in Germany we decided to respond strongly.”