Quick Left Hook

I came to DC in large part to explore the relationship between Silicon Valley and government and figure out how I could participate. What I’ve found over the course of my studies is a big disconnect between the two – a lack of understanding, a major cultural chasm, different realities and different world views. While Tech seems to ignore government as much as it can, the recent SOPA/PIPA confrontation brought these two domains to a face to face stare down, and Tech won in short order. One day of protest by such staples of modern life as Google, Wikepedia, Craigslist, and many more knocked Congress for a loop, backing away from legislation that had previously been pretty much assured passage.

With writing having been a big part of my career, I’m very sensitive to intellectual property rights. I am opposed to taking for-profit digital content for free. But in reality, we live in a radically different world where these practices are not only possible, they flourish – and it’s not just the Chinese or Russians doing it. Like the drug trade, illegal product is put where there is market demand – that includes the U.S. The demand must be stemmed – through education, through more realistic economic models (look what iTunes has done for 99 cents) as well as through technology. Young people in particular need to understand that illegally taking content costs jobs.

President Obama gave a nod to this issue in the SOTU address Tuesday night as he took on the issue of unfair trading practices. Policy approaches may be useful, but nothing hits home like real experience. When and if people in countries like China actually start to apply their own innovation and creativity, and then see their intellectual content stolen, they’ll get it.

But the internet cannot and should not be policed in the way SOPA was suggesting. Starting back with Napster [I know, dating myself], the world changed. Old laws no longer apply, and with technology moving so fast, there is no one who knows or even can know quite what to do about this problem. We are in uncharted territory. With one powerful jab last week, Internet content aggregators let it be known that they’re not going to take that responsibility- pushing Congress back to the ropes.

Exposed

The Economist Intelligence Unit, with backing from Booz Allen Hamilton, has just published the CyberPower Index, an index of G20 countries’ ability to withstand cyber attacks and to “deploy the digital infrastructure necessary for a productive and secure economy.”  On the one hand, I suppose this report can serve as a wake-up call, as it exposes legal/regulatory, economic and technical vulnerabilities that these countries need to address. I can see it being influential to investors looking for safe international opportunities. But on the other hand, it seems a bit provocative, maybe even mean-spirited, to point out who is most vulnerable, and why. Like telling a burgular which house is empty and where the goods are.  The Index is backed by research papers, which Booz describes as ”examining how the business community is responding to the opportunities and challenges offered by cyber.” This covers how organizations and governments can build cyber resilience, particularly in an era of mobile computing. I’m sure this is a way for Booz to sell consulting services, but such a tactic seems a bit over the top to me. I’d welcome any insights and discussion on why this is a good thing.

Think New

Hopeful start to the new year that on January 6th the Department of Commerce released a meaty report and policy paper The Competitiveness and Innovative Capacity of the United States to the U.S. Congress.  This work indicates the growing level of urgency around our slipping national competitiveness and the need for both sides of the aisle to take this seriously and think and act long term. In advocating for more support of STEM education, government investment in research, and needed incentives for industry, the paper is an interesting follow up to the National Academies’ 2005 Rising Above the Gathering Storm, which formally presented many of these same ideas and messages. While Gathering Storm was considered a wake-up call at the time, sadly we are not in any better a position seven years later.  It also came from an academic perspective, but now we have Commerce, advised by the National Economic Council, beating the drum. By summarizing the abundance of issues, from SmartGrid to broadband spectrum management to next gen air traffic control and more, hopefully the new Competitiveness and Innovation report will start getting Congress more focused on these big issues that are already impacting us economically and socially.

The Growing Innovation Gap

“You don’t have to slow down to be passed by others; they speed up.”

These evocative words from Bran Ferren, Co-Chairman Applied Minds, resonated through the Potomac Institute’s symposium – Effective Innovation: Keeping America On Top. Whether from slipping national investment in R&D or poor STEM education among the student population or inadequate processes for tech transfer, we are losing our national competitiveness in innovation. If there was ever an issue for improved technology policy, this is it.

 

Tipping Point for Data Privacy?

The late November settlement reached between Facebook and the Federal Trade Commission may be a benchmark moment for data privacy in the U.S. To date, the U.S. has not adopted any comprehensive data privacy regulations, but the volume of online data is now so great and our national dependence on the internet so extensive that I believe legislative intervention is inevitable. The question is – how soon?

The Facebook case, which arose from complaints filed in 2009 by the Electronic Privacy Information Center, invoked specific FTC regulations that are unknown to the majority of consumers, and I’d venture to bet, given my Silicon Valley upbringing, to most online marketers as well. Whether Facebook was conscious of these rules before it transgressed or not, who knows. It certainly should have been. And, well aware that they angered many of their users, they are now claiming significant changes to protect privacy and honor disclosure policies.

Still, the selling of personal information by any number of entities who collect it, which nowadays can go anywhere in the world within minutes of data capture, pretty much ensures a collision course between users and vendors. It is quite possible that Facebook, with its massive user base, is the poster child for this issue, but there are many, many others in this mix.

This situation has garnered considerable attention in the U.S. Congress, with various proposals under discussion such as mandating ‘do not track’ options on web sites, providing ‘opt in ‘or ‘opt out’ options for data collection, compelling full disclosure of how gathered data is collected and used, and special considerations for highly sensitive data such as social security numbers, passport numbers and geo-location information.

There is no specific bill currently under debate, but we may see some real legislation considered within the next 12-18 months that will impose general restrictions on corporate and government use of citizen data. Such legislation will undoubtedly impose hard-wired technical adjustment as well as changes to business practices. If Congress doesn’t act, I would expect to see watchdogs invoking the Facebook case as the new yardstick.

Salt in the Wound

As if it hadn’t already been rough going this week for AT&T, today brings news that Verizon has made a $3.6B deal to buy 122 Advanced Wireless Services spectrum licenses from SpectrumCo LLC (a joint venture between Comcast, Time Warner Cable and Bright House). In the accelerating spectrum wars, this potentially gives Verizon a big leg up on AT&T in expanding its mobile service capacity. While AT&T sought (probably still seeks) to buy T-Mobile, another full service provider like itself, Verizon is choosing to just pursue the specific asset it needs. With AT&T’s willingness to sell off T-Mobile customers to Leap in hopes of appeasing the Dept of Justice, the desire for the increased spectrum T-Mobile would bring is more readily apparent.

How will the FCC treat this new Verizon deal? Will it see the pursuit of this additional spectrum as putting Verizon in a similarly position to the AT&T/T-Mobile deal, which the FCC intepreted as creating an “unprecedented level of concentration in the wireless market”? Or will it be more lenient in allowing just one player to expand its core infrastructure by acquiring what others already hold? It promises a “thorough, fair and fact-based review” of the deal. Perhaps AT&T would be better served by trying a similar approach.

If other companies’ spectrum licenses are for sale, they undoubtedly will go to the highest bidder, which still leaves smaller service providers behind. We still need a fair and equitable way for the FCC to ensure access to those other than the telecom giants. Keeping a close eye on my mobile phone bill…

Game Up for AT&T-T Mobile?

When I blogged about AT&T’s proposed acquision of T-Mobile last August (see: Digital Deja Vu Aug 31), I guess I believed that because AT&T wanted it, it was just going to happen. News this week, however, suggests otherwise. With the FCC’s release of a staff report citing expected huge job losses and stifled competition, the intended merger appears to be in serious doubt. Of course there is also the trial of the Justice Department lawsuit set to begin in February, but even if AT&T were to prevail, they still need the FCC’s permission – which, it seems, they are not going to get. Score a rare one for the little guys.  

Just a few weeks ago, I recall hearing a rather matter-of-fact news story that said AT&T was expecting the deal to be delayed until summer. Just optimistic spin, or is their Leadership delusional? The report cites the FCC staff finding that ”the applicants’ assertions that the transaction would create jobs in the United States to be inconsistent with AT&T’s internal analyses and record statements concerning cost reductions from the merger.” But AT&T is crying foul, saying they hadn’t had a chance to see the report before it was released and didn’t know this information was in it.  Well, that doesn’t mean it wasn’t true. The repercussions of this deal were pretty obvious to anyone who took the time to think about it.  I find this an interesting turn in the privacy issues that are making daily headlines. Consumer information seems fair game, but AT&T wants these findings, which have true bearing on public good, kept quiet. 

I wonder how policy makers, and especially the current ultra pro-business Congress will react. Truly a merger with potential public impact of this significance is somewhat rare, but will the implications reverberate to other players? other sectors? AT&T had been holding out some hope that by selling some of its assets and T-Mobile subscribers to 2nd tier telecomm player Leap, they could somehow look like they’re not the mega-monopoly they would be from acquiring T-Mobile. What if I’m a T-Mobile customer and don’t want to be sold? What about the sanctity of those 2-year calling plans? Apparently this deal is a last ditch effort to appease the DoJ, but with the FCC’s action, it may all be moot. 

Of course the heart of the issue is spectrum – how to get more of what enables the mobile growth engine, which is in increasingly short supply. It is definitely time for regulatory action on bandwidth. Maybe Light Squared is going to come out a winner after all…?

Another View on Vulnerability (I Still Want to Go Back to the Bubble)

OK, I seem to be in a cyber security phase.  If the defense guys and wonks are rabid about the lack of policies to address this issue, the lawyers are grappling with a different angle.  At today’s Nebraska U Law conference, four big brains debated the slippery slope of domestic vs. international law, crime vs. espionage, kinetic vs. ‘soft’ attack, information sharing vs. security concerns, and the constant challenge of balancing diplomatic restraint and policy trade-offs in the face of known attacks from sovereign state actors (like China and Russia).

One of the panelists quoted a 3rd party who said “we’re the walking dead and don’t know it yet.”  This echo’d something I heard at last week’s seminar – “They could shut us down any time they want to; they just don’t want to.”  Who is ‘they?’ I pondered with some concern. The exposure of our electrical grid has become a common topic of conversation. Apparently there is a rumor that China has put something called logic bombs in it, which have the sole purpose of destroying the system.  BUT, China is our biggest creditor – so can we really force this suspicion?  Does this seem like an urgent problem to anyone but me???

Civil, criminal, conflict (war), and espionage attacks fall under the jurisdiction of different governmental authorities – perhaps at the federal or international level, but possibly at the state or even more local level. (And we all know how well these agencies share with each other.) This imposes different protective and prosecutorial statutes, but also creates an enormous grey area over terminology, definitions and boundaries around what constitutes what kind of cyber ‘activity’ (apparently even the word ‘attack’ is loaded and has a strict context. ) The complexity of digital technologies makes cyber aggression difficult to trace and even more difficult to prosecute. Short of a clear instance of physical harm, building a legal case that will stand up with the appropriate adjudicating authority seems quite challenging.

Best to prevent such incidents in the first place, right?  I come back again to the defense issue.  The list of vulnerable apps was long – mobile, cloud, IPv6, medical devices, smart grid, supply chain reliability, and behavioral advertising…doesn’t that cover just about EVERYTHING that makes the modern world run?  As at last week’s Potomac conference, I saw an enormous  disconnect between Silicon Valley and Washington. Today’s legal experts also described Silicon Valley as just overwhelmingly concerned with making as much money as possible, with security and data privacy as afterthoughts.  Well it would seem to me there is enormous financial opportunity (and a fair bit of glory) for the innovator that figures out real protection for the digital infrastructure that runs today’s world.  The point of view of today’s panelists certainly reinforces the growing urgency for policy makers and high tech innovators to somehow come together – fast – in figuring this out.

Vulnerability (or… can I go back to my bubble now please?)

And until now I was only worried about hackers trying to get into my bank account. I learned yesterday that there are 6 categories of cyber threat perpetrators – at least according to one expert at the Potomac Institute, a policy think tank that studies cyber security, among other things technological. Select nation states (read that China, Russia, Iran?), organized terrorist groups, cyber-social ‘malefactors’ (such as the group Anonymous), hooligans, hactivists, and just plain old criminals all pose cyber threats, each with different motivations, capabilities and resources.  Kind of makes me miss the good old days of the Mob, which at least was predictable and bounded.

The august panel at today’s Cyber Symposium were decidedly hawkish, but while I didn’t agree with a lot of their politics, I absolute respect their grasp of the issues and their passion around dealing with the threat. By the time it was over, my world view was somewhat changed. Risks are everywhere – from the technology supply chain to the memory stick in someone’s pocket to our unsecured energy grid. Life as we depend on it could come to a screeching halt in less than a second, if the right malware is released into the system. As with other forms of terrorism, you can’t let this stop you from living your life, but more aggressive approaches to this situation are indeed warranted.  

While I listened to this group of Washington-insider defense experts debate what policy action is required from which branches of government, I was struck by an over-riding thought: this is not a traditional defense situation, and Washington is NOT going to solve this problem. Industry might. It is the ICT industry who innovates, who develops the technology in the first place (albeit often from publicly funded basic research), and who has the unencumbered agility to try different things. Besides, the private sector is concerned with its own security, so is already working on these issues.

Yes, industry will expect and deserve to be paid, but heads of U.S. corporations are also Americans, and I’m just not that cynical yet to think they wouldn’t be willing to collaborate on helping protect the country and the national infrastructure – which by the way affects their customers too.

Yesterday, the digital divide was so glaringly apparent to me – the one betweenWashington and the Silicon Valley. Government and industry are going to have to get together in a hands-on practical way about this issue. Or not…  Stay alert, people. And keep your Norton up to date.

Helping High Tech – Behind the Scenes in China

Kudos for USITO - the United States Information Technology Office – representing US ICT industry interests in China. Talk about a tough job. A trade organization supported by 5 U.S. parent associations, this outpost of American capitalist interest is fighting the good fight for U.S. ICT companies in a distant and less than friendly locale.  USITO Managing Director Matt Roberts detailed key Chinese ICT policy objectives at yesterday’s session at TechAmerica in Santa Clara, CA, as well as their organization’s mission to try to give U.S. companies a fair shake in an inwardly-obsessed market.

Given several expert sessions I’ve attended on China, and my own limited observations, I conclude that China seems to feel (whether rational or not) under seige, and will do anything to defend and better itself. I find this interesting, as the developed world feels under seige by them. Despite explosive economic growth in urban areas, the country is over-crowded, badly polluted, has massive socio-economic disparity and is behind much of the rest of the world in terms of economic maturity. WTO membership is forcing them to confront international standards and expectations for fair trade – that does not include things like software piracy, exporting toxic products, poor quality and bribery as a way of business life. However, these problems are rampant in China. As the country aggressively pushes toward continued expansion (9-10% GDP for several years now), more responsible and equitable global engagement is going to be a requirement.  This need is pitted against a frenetic internal culture of self interest, self promotion, and short term gain – all underpinned by the Communist Party obsession with remaining in power.

U.S. ICT vendors are often burned by China’s disrespect for IP rights and stringent policies that significantly impede market entry or growth. And yet most keep pushing into this huge market, hoping for just a piece. Mr. Roberts suggests that when U.S. companies win in China — despite the barriers — it is because of technological and product superiority. When it has to be right, people anywhere are willing to pay for quality. With China’s clear ambitions to peer level status (or better), it behooves U.S. to keep up both the quality and innovation that will drive the world leadership position – of course STEM education is critical here, but that’s a discussion for another day.

I can’t help but wonder how many American ICT vendors are aware of USITO and its efforts on their behalf. I am not affiliated with that organization – but may I suggest that donations might be appropriate?