There is no doubt that in today’s national security landscape the most advanced technology is needed to keep nations safe. The need is even more pronounced for nations, such as the United States, which often face threats on multiple fronts. Over t
he past several years, the frequency and complexity of cyber-attacks and espionage activities against the U.S. government and military has increased at an alarming rate. In a post 9/11 world, security agencies once strictly focused on national borders must now communicate efficiently and coordinate effectively with overseas military and intelligence operations, tracking the movements of terror suspects.
The U.S. Department of Defense (DOD) has acknowledged the need to protect the nation from cyber-attacks and to create an efficient framework to share information among the different military and national security agencies. In 2010, it launched the U.S. Cyber Command to protect digital security networks and manage cyber resources. While the internal efforts of the military and security administration in the realm of cyberspace have been remarkable, a recent and unique trend has been emerging; a formal partnership between the U.S. security community and the private sector.
Partnership and cooperation between the military and the private sector has long been a part of U.S. history and the development of its security capabilities. More recently, the DOD has set-up a formal dialogue between the security community and top management of private IT and defense firms, known as the Enduring Security Framework. Security officials have repeatedly acknowledged the inherent advantages in technological development that only the private sector can execute. When advocating for a stronger public-private partnership, former U.S. Deputy Secretary of Defense William Lynn as pointed to the 81 months it takes the Pentagon to develop a new computer system as opposed to the 24 months it took Apple to develop the iPhone. With the culture of continuous innovation in Silicon Valley and the speed of bringing ideas to market that only a profit-driven business can accomplish, the security community has begun to rethink its strategy to team up and tap private sector capabilities.
One of the more interesting strategies has been the emergence of the security community’s effort to invest venture capital and private equity stakes in tech startups. The most obvious example is In-Q-Tel (IQT), the investment arm of the CIA, which provides funds for equity stakes and product development as well as consulting services to tech startups. Since its inception in 1999, IQT has invested in over 165 firms and delivered more than 350 different technologies for the defense community. One investment has proved amazingly successful: Palantir Technologies. A tech startup that was shunned by
the private equity community, Palantir turned to IQT for its seed investment, and created a technology that has been dubbed the solution to the 9/11 security problem. It has created a massive system that can mine through all the data scattered throughout the entire security community and display it on a single dashboard. Security officials have been enthusiastic about Palantir (one Special Forces member stationed in Afghanistan has described it as “plugging into the Matrix”) and to date, it has been used to find suspects in the murder of a U.S Customs Agent, uncover bomb networks in the Middle East, solve child abduction cases, analyze combat operations in real-time and detect credit fraud scams. Its customer list includes the CIA, FBI, the entire military, the police departments of New York and Los Angeles as well as banks seeking to prevent financial fraud.
IQT seeks to invest in the startups that can deliver technology for the security community while also having the capability to commercialize its business and earn a profit. It is evident, as the example of Palantir clearly illustrates, that such a strategy can yield huge rewards, both for the startup and the security community’s perpetual and necessary appetite for cutting-edge, creative technology. However, when security agencies take ownership stakes in a business, there may be serious implications for the business’s prospects. Palantir is fortunate to be creating a product that can be utilized by many industries that pose no security threat to the U.S., and therefore realize future growth and healthy profits. But what of the companies, owned in part by IQT and other government sponsored investment bodies, which create more narrowly-focus products and services? Security policy limitations, essential to prevent the transfer of technology to the hands of potential U.S. enemies, cause startups to essentially face a ceiling of profits and growth from their business’s inception.
Limitations can come in many forms; inability to effectively market a product due to classified information, limitations on customers (including lucrative contracts such as China which may be unattainable due to security policy) and distribution of technology to corporations who have overseas operations vulnerable to foreign government intrusion. In such a context, businesses may be severely restricted in pursuing new markets and customers. The inherent problem is compounded when considering the rights of other shareholders who invested in the business to see it grow and turn a profit.
Such cases have occurred in the past, with a notable example being that of the satellite intelligence firm ImageSat. Seeking to create a satellite surveillance and analytics company that had the impression of being disconnected from the U.S. security community, and therefore scarring off potential global customers, a group of Israeli and American investors founded ImageSat. Incorporated in the Cayman Islands, the firm sold satellite surveillance to governments including China, Venezuela and Angola. While being free from government regulation, the Israeli government (which had influence through formal investment as well as Israeli private shareholders) placed restrictions on business operations, namely that services could not be sold to any customer within a 2,500 mile radius of Israel. It wasn’t long before shareholders, both private and individual and companies from around the world, filed a lawsuit claiming up to $300 million in damages on the grounds of corporate malfeasance and limitations on business prospects.
The above case illustrates the inherent conflict of interest when security agencies take an ownership interest in private startups. On the one hand investment programs such as IQT provide much needed seed funding to entrepreneurs and deliver important technological advance to the U.S. security community. On the other hand, the startups face inherent restrictions in their marketing capabilities and business development from the beginning, often in times when income is necessary to fund product development and attract investors. In order to preserve this investment strategy, highly beneficial to both the national security and entrepreneurial community, there must be a clear and transparent framework identifying the limitations of government equity positions. Businesses, and their shareholders, must be made aware of security policy implications; where business opportunities end and national security policy begins. Only when such policies are clearly developed and articulated will security
agencies be able to tap into the creative world of the private sector while allowing businesses to rightfully grow and prosper.
 William J. Lynn, Defending a New Domain, Foreign Affairs, Sept. 2010, at 97.
 Id. at 102.
 See generally James Ledbetter, Unwarranted Influence: Dwight D. Eisenhower and the Military-Industrial Complex, 15-44 (2011).
 Supra note 1, at 105.
 IQT Corporate Fact Sheet, In-Q-Tel, http://www.iqt.org/mission/IQT%20Corporate%20Fact%20Sheet.pdf (last visited May 5, 2012).
 Ashley Vance & Brad Stone, Palantir, The War of Terror’s Secret Weapon, Businessweek (Nov. 22, 2012, 3:56 PM), http://www.businessweek.com/magazine/palantir-the-vanguard-of-cyberterror-security-11222011.html
 Supra note 6.
 Eamon Javers, Broker, Trader, Lawyer, Spy, 217 (2010).
 Id. at 219
 Wilson v. ImageSat Int’l, No. Civ. 6176(DLC), 2008 WL 2851511, at *1 (S.D.N.Y. July 22, 2008).