The problem for the companies, it's worth emphasizing, is not that they were so unduly eager to cooperate with U.S. government surveillance. Many seem to have done what they could to resist. The problem is what the U.S. government -- first under Bush and Cheney, now under Obama and Biden -- asked them to do. As long as they operate in U.S. territory and under U.S. laws, companies like Google or Facebook had no choice but to comply. But people around the world who have a choice about where to store their data, may understandably choose to avoid leaving it with companies subject to the way America now defines its security interests.
Here's Naughton's version of the implications:
The first is that the days of the internet as a truly global network are numbered. It was always a possibility that the system would eventually be Balkanised, ie divided into a number of geographical or jurisdiction-determined subnets as societies such as China, Russia, Iran and other Islamic states decided that they needed to control how their citizens communicated. Now, Balkanisation is a certainty....
Second, the issue of internet governance is about to become very contentious. Given what we now know about how the US and its satraps have been abusing their privileged position in the global infrastructure, the idea that the western powers can be allowed to continue to control it has become untenable.... Nothing, but nothing, that is stored in their [ie, US-based companies] "cloud" services can be guaranteed to be safe from surveillance or from illicit downloading by employees of the consultancies employed by the NSA.
The real threat from terrorism has never been the damage it does directly, even through attacks as horrific as those on 9/11. The more serious threat comes from the over-reaction, the collective insanity or the simple loss of perspective, that an attack evokes. Our government's ambition to do everything possible to keep us "safe" has put us at jeopardy in other ways.
One more note: it is also worth emphasizing that this damage was not done by Edward Snowden, except in an incidental and instrumental sense. The damage comes from the policies themselves, just as the lasting damage from Abu Ghraib came not from the leaked photos but from the abuse they portrayed.
What governments do eventually becomes known. Eventual disclosure is likely when a program involves even a handful of people. (Latest case in point: Seal Team Six.) It is certain when an effort stretches over many years, entails contracts worth billions of dollars, and requires the efforts of tens of thousands of people -- any one of whom, as we've seen from Snowden, may at any point decide to tell what he knows.
In launching such an effort, a government must assume as a given that what it is doing will become known, and then calculate whether it will still seem "worthwhile" when it does. Based on what we've seen so far, Prism would have failed that test.
* Of course the "trust" comes with the caveat that the companies have been piling up this data for their own commercial, ad-targeting, data-mining purposes. But that's a known risk, more or less. The demands placed on the companies by the U.S. government are, for the public at large, the main news of the Snowden revelations.