Revelations that the National Security Agency has cracked the encryption technology that protects Internet users' privacy could lead to a nightmare for Silicon Valley.
Valley firms need to immediately spread sunshine on their role in NSA's work and assure consumers that their legitimate privacy concerns are being addressed by private industry, if not the government.
Companies need to specifically inform users how much of the NSA's success was due to the government's investment of billions on code-breaking supercomputers to get around encryption, and how much was because NSA partnered with tech companies who provided back-door access to information. Reports so far are inconclusive.
Consumer trust is at stake. If it plunges, so will the strength of Internet commerce.
Silicon Valley has spent four decades cultivating its image as the place to get rich while making the world a better place. That last point won't hold up if consumers believe tech firms are complicit in what appears to be illegal government espionage on Americans.
It's a short leap to think the companies themselves are exploiting data people were led to believe is protected by solid encryption.
It's one thing for tech companies to help federal agents track potential terrorists when shown sufficient cause. It's another if they've given government spies the unlimited ability to pry into users' private emails, see where they go and who they meet and take fishing expeditions into their personal medical and financial records.
If it's possible not to mention legal for the government to do this, why not others?
In July, Yahoo persuaded the secretive U.S. Foreign Intelligence Surveillance Court to declassify legal briefs explaining Yahoo's effort to protect consumers from government surveillance. It was a significant win for transparency.
But it's increasingly clear that Americans are in the dark about the extent to which both technology firms and the government are tracking our everyday lives.
Tech firms need to lead the way in demonstrating that legitimate terrorist threats can be investigated while still protecting Americans' privacy.
They also need to be users' No. 1 advocate in preventing unnecessary and illegal intrusions into our most private information, or else consumers will no longer want that information to be online.