Shareholder Suit Accuses IBM of Concealing a Post-Snowden Backlash in China

Here’s a new twist on the whole NSA spying controversy that continues to unfold: Shareholder lawsuits against companies that suffer sales declines in international markets as suspicion of American tech companies grows overseas.

A Louisiana pension fund sued IBM in a federal court in New York City this week, accusing Big Blue of hiding a decline in sales to China. The fund says the decline was the result of push-back by Chinese government agencies and businesses concerned about buying gear from American companies, and fears that they might be complicit in NSA spying.

The Louisiana Sheriff’s Pension and Relief Fund names IBM, its CEO, Ginni Rometty, and outgoing CFO Mark Loughridge in the suit. In a 23-page filing (which you can read below), the fund argues that IBM lobbied on behalf of a proposed law that, in its words, “allows the company to share its customers’ personal data” with the NSA.

The bill the pension fund’s lawyers are referring to is CISPA, the Cyber Intelligence Sharing and Protection Act, and what it’s meant to do is give companies the legal framework they need to share information about cyber attacks and threats with the government, in order to help head off similar attacks on other companies.

CISPA was controversial, and never passed. But in the minds of the pension fund’s lawyers, support for that bill essentially equals playing ball with the NSA and its spying programs. Get it?

As the disclosures about PRISM and other NSA spying programs began to leak out, courtesy of the former contractor Edward Snowden, the pension fund argues that IBM knew it was likely to have a big problem on its hands when it came to China. “IBM knew its association with with NSA presented a material risk to the company’s sales … IBM knew that the government of China would not tolerate the company’s cooperation with the NSA and would prohibit businesses and government agencies from purchasing IBM products.”

As the Snowden disclosures wore on, the suit alleges that IBM continued to portray its business in China as healthy. But on Oct. 16 it reported a 22 percent drop in sales in China quarter over quarter, and a 40-percent drop versus the year-ago period.

The suit basically draws a hard line between IBM’s support for CISPA, the Snowden disclosures, and the drop in hardware sales in China. It goes on to accuse IBM of having “actively concealed” the Snowden effect on sales in China prior to the earnings report. After the company reported its results, IBM shares fell more than six percent the next day, from $186.72 to $174.83.

China is a big market for IBM, and accounts for about five percent of its sales, or about $5 billion and change last year. (IBM does’t say exactly how much.) Of that, it has said in regulatory filings that hardware sales historically account for about 40 percent, or about $2 billion, of its China business. So it’s easy to see why the drop hurt so much after years of consistent growth.

But, as anyone who follows IBM can tell you, hardware sales last quarter weren’t only bad in China. They were bad everywhere. Sales in IBM’s Systems and Technology business fell by 16 percent globally. And demand in what IBM calls its “growth markets” fell nine percent. Overall sales to the BRIC countries — Brazil, Russia, India and China — fell by 15 percent. That makes it unclear why the pension fund’s lawyers are drilling down so specifically on China, and not, say, Russia and Brazil, too.

Whatever the reason for the drop actually is, IBM has a response to the suit. It says the pension fund is confusing IBM’s support for the CISPA bill with the NSA’s PRISM program. “This bill does not refer to China, and it does not authorize government surveillance, facts that the plaintiff and its attorneys could have easily determined had they bothered to do the slightest fact checking.” It called on the law firm representing the fund to withdraw the suit.

The pension fund’s lawyers are drawing what is at best a tenuous connection between IBM supporting the CISPA law and what, if anything, that has to do with PRISM. Since CISPA is not a law, but rather just a proposed bill, then it follows that IBM wouldn’t be sharing any customer data under its auspices.

A more logical argument might draw a line directly between IBM having been a historical supplier to the NSA (See this 2008 press release for an example) and the Snowden Effect. Historically speaking, IBM’s contracts with any U.S. spy agency seem not to have hurt its results before Snowden. Would the effect really be that drastic now?

It might, at least in the short term. In June, Leping Huang, an analyst with Nomura Securities, warned that China might use the Snowden disclosures as an excuse to push back against U.S. companies.

And last month, The Wall Street Journal noted a pattern of declines in sales to China, not just at IBM, but at Cisco Systems and Microsoft, too. There are several logical non-Snowden explanations: The Chinese economy is slowing; the government has slowed down IT purchases; there’s even been a renewed push for Chinese-made tech products.

But when asked directly about whether or not the NSA disclosures were hurting sales in China, Cisco CEO John Chambers conceded that they had, though he described the impact as “nominal.” (See the transcript here.) Cisco President Rob Lloyd followed Chambers on the call, saying the disclosures were “… causing people to stop and then rethink decisions.”

Either way, if the suit is allowed to proceed (it may not; IBM’s first move will be to ask a judge to throw it out), you can bet there will be others like it, and against other companies, too.

Here’s IBM statement responding to the suit in full. And below that is the legal complaint:

Yesterday, IBM learned of a lawsuit pushing a wild conspiracy theory. This lawsuit seeks to confuse IBM’s support for a U.S. cybersecurity legislative proposal — which has yet to be enacted — with the completely unrelated NSA surveillance program called PRISM. Even a cursory reading of the legislative proposal, known as CISPA, makes clear that it has nothing to do with the recently disclosed NSA surveillance program. The legislation is designed to help protect companies from cyber attacks by encouraging the sharing of technical cyber threat information, such as malware code. The ability for those under attack to work together to help prevent cybercrime is a modern business requirement and an important goal, which is why many companies, including IBM, support such legislation. This bill does not refer to China, and it does not authorize government surveillance, facts that the plaintiff and its attorneys could have easily determined had they bothered to do the slightest fact checking. Starting from this fictitious connection between CISPA and PRISM, the complaint proceeds to make numerous specious and false accusations, and IBM calls upon the law firm that filed this action to do the right thing and dismiss this action immediately. To fail to do so is a profound disservice to the judicial system, to the public, and in this case, to IBM. IBM will vigorously fight this baseless lawsuit.

Louisiana Sheriff’s Pension and Relief Fund vs. IBM by Arik Hesseldahl