The Snowden Revelations over the last year have had a not-insignificant impact on American-based technology companies’ overseas existing and prospective business. U.S. multinationals, including IBM, Microsoft, Cisco Systems and Qualcomm are all under fire in China, and many are experiencing declining sales in other markets, whether in Europe, Latin America or elsewhere.
While the threat of compromised equipment and software is quite real, whether the doing of State or non-State actors, from a pure technology perspective, such threats cannot be managed by blackballing companies by virtue of their location of headquarters. Such techno-nationalist approaches fly in the face of the commercial and technological realities of the information and communications technology (ICT) industry, as today's ICT companies are transnational by nature, with research and development, coding and manufacturing spread out across the globe.
The U.S. pioneered the model of modern day techno-nationalism in the context of multiple and opaque market access barriers to China-based telecommunications equipment multinationals, starting in earnest in 2010, and always based on nebulous, never-substantiated and always-prospective national security concerns. Like their American-headquartered peers, these China-based companies operate worldwide and rely on global supply chains, integrating gear and software from countries across the globe.
Born of Sino-phobia, the American techno-nationalist precedent is now being readily adopted in markets around the world, including China, and being deployed against American firms perceived to be uniquely vulnerable to U.S. Government penetration and compromise.
Techno-nationalism heralds a potential age of 21st century politico-mercantilism that is in absolutely no-one’s best interest and, moreover, does little to nothing to address the very real concerns associated with network and data integrity, or for that matter, privacy. Rather, the fragmentation of the global ICT industry and related supply chains, as well as the Balkanization of the Cloud, will lead to dramatic and very real adverse implications for the intrinsically global Internet-based society in which we work and live.
In today’s age, no network is secure, nor will any network ever be entirely secure. But the integrity of networks and data can be bolstered, and confidence in ICT gear and telecommunications and Internet services can be, to some extent, restored. Techno-nationalism is intrinsically contrary to such goals.
We have reached a critical moment in time in which industry and government must agree to a “pause,” and, further, a conversation about real solutions, rather than trade-distorting and market-disrupting politically-inspired ineffective policies based on irrelevant physical geographical boundaries.
Governments must accelerate the process of agreeing among themselves what is acceptable behavior in terms of cyber activity. This does not have to be overly-granular to begin with. Start, for instance, with “We won’t crash your stock market if you won’t crash our electricity grid,” and then work from there.
Governments must also allow and encourage industry to define commercially rational, technologically feasible, and certifiable industry-wide standards, disciplines and best practices for the development and delivery of commercial ICT product and code. In such an environment, “security assurance” will emerge as a market-based selling point for ICT vendors, alongside technology, quality and price.
These are starting points, they are not the end result. But they are far, far preferable to the rising crescendo of techno-nationalist policies that are threatening to unravel the ICT industry, an industry that is critical to continued global economic development, growth, productivity and prosperity.