November 13, 2014

Dr. King, Gov't Intimidation, and Competition in the U.S. Telecom Market

On November 12, 2014, the Electronic Frontier Foundation (EFF) published a spine-chilling piece titled FBI's "Suicide Letter" to Dr. Martin Luther King, Jr., and the Dangers of Unchecked Surveillance (linked), which reported on the recent publication of an un-redacted version of the infamous “suicide letter” from the FBI to Dr. King.

EFF reports that the letter, recently discovered by historian and professor Beverly Gage, aptly demonstrates “what happens when they [the intelligence agencies] take the fruits of the surveillance they’ve done and unleash it on a target."  The letter goes so far as to propose a date certain by which Dr. King should take his own life or face the public airing of his dirty laundry.

It is not my intention in this post to dive deep into what EFF and others (myself very much included) find so fundamentally disturbing about our past, present and future surveillance state.  Rather, my focus is more parochial, and, as is my wont in this blog, focused on my own recent experience in terms of the intersection of politics and commerce.

Obscene as the politically-inspired surveillance of Dr. King might have been – particularly in the context of his having somehow been deemed by someone to be some sort of threat to U.S. national security – equally or more egregious was the exercise of intense intimidation and threat of devastating results should Dr. King not buckle to the blackmail.

Regular readers might already surmise the parallel I’ll now draw, but please trust that I do so with sincere respect for Dr. King and not in any way wanting to diminish his legacy in drawing the analogy.  (Perfunctory disclaimer: Please recall that this is a personal blog reflecting my personal observations, in no way overseen, vetted or approved by my employer).

For the last few years, American telecommunications service providers - the folks who provide your cell phone service - have been denied the right to competitively provision their networks based on nebulous, never-substantiated “national security” concerns associated with China-based equipment vendors (an absurdity given that every vendor codes and builds in China, regardless of where based).

In the case of big carriers, the blackmail has been practically overt: High-level political engagement of C-suites marrying vaporous national security concerns to a warning – if you buy from “the Chinese” you’ll lose billions in federal revenues.  Pretty simple blackmail: With billions at stake, a carrier buckles and sacrifices the cost and consumer benefit of better and more affordable tech.

But with smaller, local carriers or non-telecom enterprises, the intimidation has been more insidious.  Distribution of propaganda through Regional Operations Intelligence Centers and threatening phone calls, e-mails and “agent” visits have all been used to chill commercial decisions and prospects of businesses over which the Government cannot as easily wield the direct threat of lost revenues.

The terror of ubiquitous surveillance aside, the question is, as Dr. Gage has wondered, whether agencies are acting “not to serve national security but to carry out personal and political vendettas.” The latter certainly seems the case – in geo-political terms – when it comes to strong-arming U.S. businesses away from competitive technologies based blindly on a vendor’s country of headquarters.

August 19, 2014

Techno-Nationalism: A Growing Scourge

The Snowden Revelations over the last year have had a not-insignificant impact on American-based technology companies’ overseas existing and prospective business.   U.S. multinationals, including IBM, Microsoft, Cisco Systems and Qualcomm are all under fire in China, and many are experiencing declining sales in other markets, whether in Europe, Latin America or elsewhere.

While the threat of compromised equipment and software is quite real, whether the doing of State or non-State actors, from a pure technology perspective, such threats cannot be managed by blackballing companies by virtue of their location of headquarters.   Such techno-nationalist approaches fly in the face of the commercial and technological realities of the information and communications technology (ICT) industry, as today's ICT companies are transnational by nature, with research and development, coding and manufacturing spread out across the globe.

The U.S. pioneered the model of modern day techno-nationalism in the context of multiple and opaque market access barriers to China-based telecommunications equipment multinationals, starting in earnest in 2010, and always based on nebulous, never-substantiated and always-prospective national security concerns.  Like their American-headquartered peers, these China-based companies operate worldwide and rely on global supply chains, integrating gear and software from countries across the globe.

Born of Sino-phobia, the American techno-nationalist precedent is now being readily adopted in markets around the world, including China, and being deployed against American firms perceived to be uniquely vulnerable to U.S. Government penetration and compromise.

The reality is that the targeted American companies are no more nor less vulnerable to U.S. or other Government or non-State actors than are companies headquartered elsewhere.  Indeed, witness the reports this Spring that the NSA was intercepting post-shipment Cisco gear to enable backdoor access, demonstrating that compromising technology is national border-agnostic, both in terms of perpetrator and victim.

Techno-nationalism heralds a potential age of 21st century politico-mercantilism that is in absolutely no-one’s best interest and, moreover, does little to nothing to address the very real concerns associated with network and data integrity, or for that matter, privacy.  Rather, the fragmentation of the global ICT industry and related supply chains, as well as the Balkanization of the Cloud, will lead to dramatic and very real adverse implications for the intrinsically global Internet-based society in which we work and live.

In today’s age, no network is secure, nor will any network ever be entirely secure.  But the integrity of networks and data can be bolstered, and confidence in ICT gear and telecommunications and Internet services can be, to some extent, restored.  Techno-nationalism is intrinsically contrary to such goals.

We have reached a critical moment in time in which industry and government must agree to a “pause,” and, further, a conversation about real solutions, rather than trade-distorting and market-disrupting politically-inspired ineffective policies based on irrelevant physical geographical boundaries.

Governments must accelerate the process of agreeing among themselves what is acceptable behavior in terms of cyber activity.  This does not have to be overly-granular to begin with.  Start, for instance, with “We won’t crash your stock market if you won’t crash our electricity grid,” and then work from there.

Governments must also allow and encourage industry to define commercially rational, technologically feasible, and certifiable industry-wide standards, disciplines and best practices for the development and delivery of commercial ICT product and code.  In such an environment, “security assurance” will emerge as a market-based selling point for ICT vendors, alongside technology, quality and price.

These are starting points, they are not the end result.  But they are far, far preferable to the rising crescendo of techno-nationalist policies that are threatening to unravel the ICT industry, an industry that is critical to continued global economic development, growth, productivity and prosperity.