Issues

SCOTUS Smacks Down Patent Trolls

By Mike Montgomery

In all the political hoopla dominating the news lately, many people probably missed a U.S. Supreme Court decision that will actually have a huge impact on technological innovation. On May 22, the court ruled to restrict where patent lawsuits can be filed. The decision is likely to lead to a reduction in the number of cases filed by so-called patent trolls. It’s about time.

Trolls don’t build anything, employ anyone or add any value whatsoever to the economy. They simply buy up overly broad, somewhat vague intellectual property (IP) patents and use them as cudgels to bully plaintiffs into paying them to go away. Trolls count on a trial being more expensive than an out-of-court settlement.

Until this recent decision, the trolls’ favorite place to bring suits was the Eastern District of Texas, which has rules — and juries — that favor IP plaintiffs. It’s not a huge surprise that more than 40% of all patent lawsuits are filed there. One East Texas judge oversaw more patent cases than the federal judges in California, Florida and New York combined. The region became a troll haven partially by accident, but mostly by design. All those lawsuits — more than 2,500 last year in the region— bring in legal teams that spend money at area hotels and restaurants and usually even throw a few crumbs to the local legal talent.

But the SCOTUS decision sounded a death knell for their cottage industry. In the two weeks preceding the ruling, 74 patent cases were filed in the Eastern District. The week after — just four cases. The well dried up fast. That’s because the ruling in Heartland v Kraft means patent cases must be filed where the infringement took place, or where the defendant has an established business. That’s usually not East Texas.

This decision is going to make a huge difference for startups and small businesses that can’t afford to fight expensive legal cases in far-flung towns, especially when the deck already is stacked against defendants. It’s easier to settle immediately, or to just not go down that innovation path.

Patent trolls waste billions of dollars each year and ultimately hurt consumers. Studies have shown that trolls syphon off money from research and development, venture capital investments and tech startups in particular. Patents are designed to protect investment and innovation, and they work in some industries like big pharma. But the tech industry has been crying out for reform.

Unfortunately, Congress has repeatedly refused to act, despite two bills that would reform the tech patent industry. The Patent Act would make it more difficult to file troll suits, while the Innovation Act would cut down on the broad, vague language used by trolls and, more importantly, force them to pay legal fees when they lose.

Of course, action may not be as necessary now. The new ruling most likely will make it harder for trolls to consolidate cases, thereby eliminating marginal cases and potentially leading to a reduction in the number of cases filed overall.

Mike Montgomery is the Executive Director at CALinnovates.

Farming Takes Flight

By Tim Sparapani

Ernest Earon was walking through a client’s farm recently when he noticed one of his company’s unmanned drones flying over the fields snapping photos. It was a heart-tugging moment for the entrepreneur. “Unexpectedly coming upon one of our aircraft, up there doing its job, was just a pretty cool moment for me,” said Earon, co-founder and chief technology officer at PrecisionHawk, a drone mapping and analytics company that helps users collect and analyze data coming from drones.

PrecisionHawk has been expanding throughout South America and Australia for years but was stymied in the U.S. by onerous regulations. After the FAA loosened those regulations in late August 2016, growers started adopting new drone technology at a breakneck pace.

It’s just one aspect of the booming “ag tech” (agricultural technology) field. Just this week, CB Insights identified more than 100 private companies in ag tech, sorting them into nine main categories including sensors, smart irrigation, and robotics and drones.

Farming has always been an information intensive industry: Growers need answers to hundreds of questions about air and soil conditions, plant stressors and optimal timing for everything from planting to harvesting. In the past, obtaining the data needed to answer those questions required thousands of hours and lots of workers. Many of today’s farms are efficient, data-gathering dynamos. Tractors have IP addresses, harvesters can measure the yield as it’s coming out of the ground, biometric sensors report on livestock health, and sophisticated algorithms help farmers manage tasks such as watering and seed ordering.

Researchers suggest the full-scale adoption of these technologies could mean an increase in farm productivity unseen since mechanization. The tractor, for example, led to a 140% jump in farm productivity between 1910 and 1950. Other mechanization, such as automatic harvesters and automatic planters that incorporated herbicides, spurred another climb of 170% between 1950 and 2010, says Michael Walden, professor of agriculture and resource economics at North Carolina State University. “That’s more than double the productivity gains in the nonfarm economy.”

Walden thinks we’re about to take another leap forward in productivity as more farmers adopt ag tech. “That’s what technology does,” he says. “It allows us to get more from less.”

Technology is important because “no one’s giving out new farmland,” says Earon. “The costs of spraying pesticides and fertilizers everywhere is too great. We have to do more with less. Farmers know the climate is changing. Everyone is looking for ways to get that leg up and continue to produce.”

Drones are a key part of the data gathering. They can cover large distances very fast, take high-resolution photos and fly over fields without affecting crops, all at a relatively low price.

“We put a lot of different sensors on them and can collect the exact insights you need to address the problem in front of you,” says Earon. “They see that the section of the field with drainage issues — which we know about because we’ve done 3D modeling — lost a lot of nitrogen because of the rain and we need to reapply it. The drone is collecting the information and providing that insight back to the grower.”

So far, adoption of data technology is highest where there are problems, such as on farms where drought or pests are present. It’s also getting easier to buy and use the technology. Drones cost as little as $1,000, and PrecisionHawk gives its software away for free. “We want as many people using it as possible so we get that feedback to help us make it better,” say Earon.

He’s already looking at a future where crops and sensors are developed together, and fewer humans are necessary to plant and harvest crops. “Farming is going to be less about driving tractors and a whole lot more about making decisions on what’s coming up next year,” he says. “Humans are not going to be involved except to manage the whole process.” There’s already a group in England attempting to grow a barley field without any human activity on the field itself using drones, driverless tractors and remote-controlled combines.

As technology takes over the rote parts of farming, different kinds of human work will be required. In fact, PrecisionHawk currently is staffing up on agronomists, geo-spacial scientists and other experts. Other drone companies in the farming space include TerrAvion, Agribotix and Skycision.

“Let the machines do what they’re good at,” says Earon. “Robots are very good at doing the same thing over and over and over again. They don’t care how hot it is. They just take good pictures.”

Humans, on the other hand, are good at using data to build new tools and figuring out new ways to use it. “We’re not putting people out of work,” says Earon. “We’re letting them do other things.”

Tim Sparapani is Senior Policy Fellow at CALinnovates.

SB 182 Will Help Move California’s Economy Into The 21st Century

By Kish Rajan

If you live in any big city in California, chances are you’ve used a rideshare service to go to or from the airport. It’s become such an easy option that most of us take it for granted.

But a lot of effort goes into making that ride so easy for you. And much of that effort comes from the drivers — independent entrepreneurs who have turned their cars in to rolling small businesses.   These small business owners enjoy the freedom, flexibility and rewards of being their own bosses — even if just for a few hours per week.

And while they are experts in navigating the streets of their communities where they drive, they can often be challenged by all the government regulations they have to navigate. Los Angeles County, for example, is made up of 88 different municipalities and each of those municipalities has its own business license standards for drivers. As they drive through different towns, drivers are subject to different licenses, fees and requirements.

Driving from San Jose to Oakland a driver goes through 5 different cities. All over the state, drivers are moving through different cities every day — and running the risk of getting fined for not having the right business license.

But to expect drivers to obtain licenses from every municipality they might go through is unreasonable. Most licenses cost around $100 each and those fees start to add up creating a serious barrier to entry for new drivers who are really entrepreneurs (87% of Uber drivers, for example, say they drive because they want to be their own boss). As a state, we want to do everything we can to encourage entrepreneurship and to help give people the freedom to change jobs and build new businesses. We don’t want to burden people with unnecessary regulations.

This is as perfect example of a modern industry operating under outdated regulations. Of course it’s important that people feel like they are in the hands of licensed professional whether they’re getting a massage, hiring a plumber or getting a ride. But forcing those businesspeople to get often redundant business licenses just because they cross a municipal line is old-fashioned thinking. In today’s economy, people need to be able to go where their customers are and that’s not always in the same town.

That’s why we support SB 182. The bill would allow drivers to obtain one business license that could be used across municipal lines. Drivers would be able to move freely around the state knowing they are licensed to operate everywhere; and passengers would get the assurance that they are in a car with a driver who has a business license in addition to the stamp of approval from the rideshare company.

The bill also stands to benefit the many different municipalities of California. Instead of having the state issue the business license, it could be issued by the driver’s home town. That way, if a driver is based in Livermore but mostly picks up riders in San Francisco, Livermore would get the benefit of the licensing revenue.

SB 182 also helps protect drivers’ privacy. Some jurisdictions publicly post addresses of people who apply for business licenses. Because drivers essentially work out of their cars, their home addresses have been made public. SB 182 would ensure that when drivers apply for licenses, their addresses remain private.

This bill should be seen as a model for legislation going forward. The sharing economy (or as I prefer to call it, the personal enterprise economy) is going to continue to be an important part of our economic mix. We need to make sure our laws and regulations are updated to protect workers as well as customers. SB 182 acknowledges that the world is changing and creates smart regulations that make sense in today’s world.

Kish Rajan is chief evangelist at CALinnovates and former director of Gov. Jerry Brown’s GOBiz initiative. He can be contacted at kish@CALinnovates.org.

The Future Of Work Depends On Answering Important Questions Today

By Kish Rajan

Today, many of us are trying to sort through a contradiction in how we understand our economy. Fewer people are unemployed than at any time in the past decade. But as a country, we don’t feel like we’re as prosperous as we’ve been in the past. Many people would like to blame technology for this phenomenon, pointing to chips and data as the great job killers. But as with many things in life — the truth is more complicated.

Take productivity for example. This is an important measure because increased productivity helps boost the annual GDP, and can lead to higher wages and better standards of living. Technology has been a giant boon for manufacturing productivity, which has nearly doubled in the past 20 years, with half that gain coming in the tech sector, according to a new study by the Progressive Policy Institute. Since 2007, when the current tech boom started, employment in computer and mathematical occupations — including good-paying jobs for software developers and network administrators — has grown by more than 900,000 jobs. One study found that robots added nearly a half percent to annual GDP growth between 1993 and 2007.

But then there’s the flip side. Well over half of us are in jobs that could be at least 30% automated right now, according to research by McKinsey & Company.

In the United States, middle-income households, the young and those with less education have already been hit hardest by automation. One study by Boston University found that robotics reduce the employment-to-population ratio and wages in those sectors where automation is added. According to this study, workers with only a high school degree saw their wages fall from 80% of their college-educated peers to less than 60% between 1975 to 2014.

Unsurprisingly, these low-skilled, less-educated workers are employed in occupations at the greatest risk of further automation. In fact, experts predict the number of robots performing jobs in the U.S. will quadruple by 2025, which could eliminate as many as 3.4 million jobs.

These conflicting numbers paint a picture of a world where more high-paying jobs are being created while low-paying jobs are being replaced by robots. It’s no wonder that so many people are so concerned about the future of work.

So what can we do?

Believe it or not, we have a lot of power to shape how this all plays out. The future of work is going to depend a lot on the decisions businesses and government make today. And in order for those with power to make the right decisions, we all have to be asking the right questions.

Is technology causing net job growth or net job loss? It can be difficult to tell. Different reports tell different stories. Some job categories are growing and some are shrinking, so what’s the overall effect?

And if high-paying tech-heavy jobs are growing faster than low-wage service jobs are disappearing, how do we as a nation of workers adjust? We’ve seen that government-sponsored training to move displaced workers into new tech jobs isn’t always successful. Is there a better way? And who bears the responsibility of retraining workers, businesses or the government?

How do we balance encouraging tech companies to grow while ensuring that people have good jobs? It’s important that innovators and entrepreneurs be encouraged to build the Googles and Facebooks of tomorrow, but what do we do when those new companies displace workers in other industries? And how do we make sure that those tech jobs are popping up in Peoria and not just in Silicon Valley?

These questions should be high-priority for government at every level, from city hall to the White House.

Technology has always been a convenient boogie man for politicians looking to place blame for a changing job environment. The automobile put carriage drivers out of work. TV eventually killed radio storytelling (though thanks to podcasts it’s making a comeback) and online travel companies kicked most travel agents to the curb.

But each of these innovations also advanced our society in important ways and created new jobs. There’s no reason to think the current tech revolution will be any different and when you look at the productivity numbers from the recent Progressive Policy Institute report, there’s reason for hope.

But we’d be foolish to hide our heads in the sand and deny that the landscape is changing in a way that is hurting some Americans. Finding the right balance here will be key to building an America that will prosper and offer new opportunities to all citizens.

Kish Rajan is chief evangelist at CALinnovates and former director of Gov. Jerry Brown’s GOBiz initiative. He can be contacted at kish@CALinnovates.org.

Congress Should Write Net Neutrality Into Law

By Mike Montgomery

Net neutrality is a foundational principle in the digital age. But for too long its future has been uncertain due to changes in leadership and politics. That is why it’s important for Congress to do what only it can do through a bipartisan process: enshrine the principals of net neutrality into law.

Wednesday’s announcement by Chairman Ajit Pai that the FCC will open rulemaking proceedings to reverse the Title II regulations put in place by the last administration does not change the need for a law. In fact, it shows what a political football net neutrality has become.

While politicians seem disinclined to agree on anything these days, there are good reasons why they should work together on this. While net neutrality proponents were pushing for the Federal Communications Commission to regulate the internet under Title II of the Communications Act of 1934, many of them instantly suffered from buyer’s remorse when the FCC did just that in 2015.They realized that subjecting the internet to utility-like regulations may not be the best way to encourage innovation around privacy, security and new features that could not only make our lives more efficient but delight us. Companies like Netflix backtracked on their support for Title II.

The problem with Title II is that although it does, in theory, ensure that all data is treated equally and that companies can’t carve out fast lanes, it also opens the door to the internet being frozen into a time capsule that discourages network modernization, the next wave of innovation and competition among providers. The digital world moves at the speed of light. To slow that growth to the speed of bureaucracy would have serious negative effects on the burgeoning tech industry which is creating jobs faster than almost any other industry out there.

Another problem is that while the previous administration was happy to enforce net neutrality through Title II, it’s now clear that the current administration would like to keep the tenets of net neutrality in place, but toss Title II into the regulatory dustbin. Chairman Pai has shown that he’s an advocate for the principals of net neutrality — he just doesn’t agree that the internet should be regulated like a utility.

So here we go again. Proponents of each side of the argument are gearing up for another bite of the regulatory apple as the FCC reopens the debate around net neutrality. Public interest groups are preparing to raise millions by shouting fire in a crowded theater and striking fear into the hearts of consumers. Their counterparts on the right are firing up their many D.C.-based lobbyists to argue for total deregulation.

I used to refer to net neutrality as a food fight. I was wrong. It’s a holy war dressed up as the plot to Groundhog Day. As everyone ramps up the rhetoric, perhaps it’s finally time to stop doing the same thing over and over and consider another path.

If net neutrality is as important as we all think it is, then perhaps we should do more to ensure its survival. We can’t do that by watching the pendulum swing back and forth between Title II and deregulation. We can’t do it through regulations that can be eviscerated every 4 to 8 years (or whenever there’s a regime change in Washington).

We need a law.

Once again, CALinnovates calls upon Congress to take the hint and get to work.  By making net neutrality the law of the land, a political hot potato gets replaced by clarity and certainty, not just for a presidential term or two, but well into the future. And the new law must guarantee key protections for consumers and innovators that are at least as strong as those provided in the Open Internet Order.

By turning net neutrality principals into law, Congress can deliver on behalf of the American people and put this never-ending tragicomedy to rest once and for all.

Mike Montgomery is the executive director of CALinnovates, a coalition of tech companies based in California.

This piece was originally published in The Hill.

CALinnovates Calls On Congress To Enshrine Net Neutrality Into Law

“Net Neutrality is a foundational principle in the digital age. But for too long its future has been uncertain due to changes in leadership and politics. That is why it’s important for Congress to do what only it can do through a bipartisan process: write into law the principles of Net Neutrality. Congressional action will provide innovators with a level playing field and industry with the certainty to make technology and investment decisions to continually upgrade our networks. If Net Neutrality is as important as we all say it is, it should be the law of the land, not a political hot potato resting on the third rail of American tech policy for another decade.” – Mike Montgomery, Executive Director

Big Music Blames Streaming For Its ‘Woes’ But Industry Is Doing Just Fine

By Mike Montgomery

The annual Grammys award show is full of glamour and fantastic entertainment featuring incredibly talented artists and musicians. Grammys On The Hill, on the other hand, is the event’s corporate, big music, obnoxious cousin. Every year at this time, big music executives and a pocketful of artists descend upon Washington not to delight and amaze, but to cry poverty in the hopes of changing the laws around music licensing.

Today, the big multinational and multibillion dollar music labels will share their sob stories with members of Congress. They’ll attempt to convince policymakers that a lack of royalties for radio play hurts musicians, that songwriters deserve to make more and that streaming is harmful to music’s health.

Over the last decade, how we listen to music has transformed, giving consumers the power to choose what, when and how we listen to music — whether it’s on the radio, satellite or via streaming platforms. Innovation has changed the game. As I’ve said so often before that I’m now becoming a broken record, there’s no putting the technology genie back in the bottle.

But for the labels to be lamenting to Congress about their faded fortunes in this environment is a pretty ridiculous line of argument. Three music labels, Universal (owned by Vivendi), Sony, and Warner Music, account for 70 percent of all music revenues — meaning they still hold the purse strings.

And despite what they say, there’s more money going into that purse than at any time in recent history. The music industry reported last week that it had its best year in two decades. According to the Record Industry Association of America (RIAA), total U.S. retail sales from recorded music rose 11.4 percent last year, to $7.7 billion.

That’s great news that the labels should be celebrating. But that’s not the way the Big Three operate. They smell blood in the water and, like a pack of hungry sharks, they’re attempting to squeeze the rest of the industry in order to grab more for themselves.

They tell artists that the streaming platforms and the radio stations are to blame. They put up a united front before Congress, saying that we’re all in this together and that together we can fix the music industry.

Sadly, artists won’t realize the full benefit of growing record revenues because the music labels have done everything possible to preserve their pro-label, anti-innovation business models instead of embracing new technologies and the operational, market and marketing efficiencies they offer.

Like taxis fighting the consumer-friendly advent of companies like Uber and Lyft, record labels refuse to change. They still work “breakage” feesinto their artist deals, which was money that was originally meant to cover the cost of records or discs broken in transport. In the streaming world, that’s no longer an issue and it is but one tangible example of money that’s being funneled away from artists not by the streaming companies, but by the labels.

To find the voice of reason on all of this Grammys On The Hill have only to look to this year’s honoree: country music star Keith Urban. The Australian-born singer is one of the biggest acts in America and he’s beloved by music fans of all ages so it’s no surprise that big music would want him,not the corporate titans behind the curtain, as the face of their lobbying rodeo.

But he recently commented to Politico that he doesn’t share the same distaste for streaming platforms as his label overlords, stating that, “Owning music feels like a very foreign concept to me. Buying someone’s album feels odd to me. … But streaming to me seems to be a very obvious, fluid, quick, logical way for music to be heard in this day and age.”

And when asked about one of the main complaints of the Grammys On The Hill crowd, that they should be getting paid for radio spins, Urban very candidly said he still finds AM/FM radio to be a useful promotional tool that helps him reach fans. “A huge amount of my audience still listens to radio,” he told Politico. That’s where they get a lot of my music.”

For years, the labels have been clamoring for royalties for radio play. They claim it’s unfair that radio stations can spin hit songs and pay songwriters but not artists for the right. But if traditional radio play is so important to a huge star like Urban, the only reason the labels are seeking to alter the landscape is to further enrich themselves. This isn’t a rising tide argument. This is a testament to the self-aggrandizing nature of the record labels and their unending quest for greed.

We need to take a new look at how the big music is organized, subsidized and supported by Washington. And that should start with one simple word: transparency. Congress should ask the labels to detail how much of the $7.7 billion in revenues it took in last year went to  the artists they purport to represent. Get granular. Details are our friends.

Despite the whining from big music, what the RIAA revealed last week is that business is booming — for them. It’s time to stop catering to the record labels and create a system that is fair to everyone, rather than allowing the labels to continue telling their dirty little lies about the nature of music licensing laws.

This piece was originally published in The Hill.

Innovators Need Closure On The Apple v. Samsung Case

By Tim Sparapani

The dispute between Samsung and Apple over allegations that Samsung stole Apple’s mobile phone design is like a piece of gum that you’ve been chewing for way too long. It’s time to spit it out.

There’s an enormous amount at stake for innovators in this fight over mobile phone sales, and as I’ve written many times before, this case truly matters. How, or if, damages are ever calculated for Samsung’s infringement of Apple’s rounded-corner phone design will set precedent that will influence Silicon Valley for years to come.

There’s also a real risk that if the outcome establishes the wrong formulation for calculating patent design damages, it will create a new type of design patent troll —essentially law firms that will sue companies to attempt to extort settlements from them based on allegations that they have infringing product designs.

As a reminder, here’s how we got to the point where a federal court has been told to determine anew potential damages for alleged design patent infringement. Last year, the U.S. Supreme Court decisively reset the rules of design patent cases to prevent them from spinning out of control. The court rejected Apple’s position that it was entitled to the full cost of each iPhone that wasn’t purchased because a consumer had instead opted for the infringing Samsung phone.

If the court had ruled in favor of Apple’s position, Samsung would potentially have been on the hook for an estimated $1 billion. But the court decided (to Silicon Valley’s delight) that this “total profits” damages theory was erroneous because software-powered hardware is routinely filled with hundreds if not thousands of other patented inventions that give those products their value.

While the Supreme Court wisely struck down this total profits standard, it left the job half done by tossing the case back to a lower federal court to determine the appropriate damages. That’s why the upcoming decision from the Federal District Court for the Northern District of California will establish precedent around what portion of a product is attributable to its design as opposed to its functionality.

Drawing that line is easy with something like a shovel, which is a relatively simple tool. It’s much harder to do with a complicated piece of technology like a drone, an autonomous vehicle or a smartphone. The court will need to craft a smart rule that divvies up the pie so future judges and juries can determine damages when these cases invariably come up again.

Full disclosure here: As I’ve written before, I’m an unequivocal Apple fan boy. Since the U.S. Supreme Court’s ruling, my family has bought two more iPhones, and I’m writing this piece on my new Mac. I love the design, durability and functionality of Apple’s products. Simply put, though, the risk to innovators is too high if Apple is allowed to recoup the lion’s share of its alleged losses because a lower court elevates the concept of design over product functionality.

The court’s determination will go beyond the question of how much Samsung has to pay Apple. It will lay the groundwork for rules about how we properly compensate the designers who produce iconic, paradigm-shifting product designs, particularly when those designs are only a portion of the usefulness of the product they are part of. The decision will tell us a lot about where the value lies in any new piece of technology. That’s going to be an important factor in ensuring all innovators in Silicon Valley, including coders and designers, prosper.

The longer this case drags on, the more these questions go unanswered and the more difficult it is for people who might be working on ground-breaking products to move forward.

This piece was originally published in Forbes.

How Augusta, Georgia, Is Becoming A Model For Tech Innovation In Small Cities

By Mike Montgomery

Graphic designer and illustrator Jason Craig lives in Augusta, Georgia, but he travels a lot to nearby cities like Atlanta and Columbia, South Carolina, for creative contract work and entrepreneurial camaraderie. “I wish I didn’t always have to leave to do cool work,” Craig says. “I’m always going to other towns and giving them my best — I want to do that in my hometown.”

Craig might soon get his wish. By the end of this year, Augusta could be known for a lot more than just its famous golf tournament. Starting in the fall, Augusta residents will have access to something called the Augusta Innovation Zone. A team of six action leaders is renovating a full downtown city block, including two historic buildings, and turning it into an incubator and hub for innovation, arts, entertainment and restaurants. Members of all industries and career paths will be able to rent desks, or even a full offices, there; they’ll share a receptionist and common office supplies; and they’ll attend seminars and workshops. Eager budding entrepreneurs might even want to rent one of the iZone’s apartments. Interactions might lead to mentor situations or future partnerships. “It will give most cities a run for their money in live-work-play spaces,” says Tommy Wafford, one of the iZone action leaders.

Wafford says he and his friends came up with the idea over drinks one night as they sought support on their own projects. “We said that something’s got to be done with startup innovative culture in our city,” says Wafford, CEO of MealViewer. “I’m on my third startup with my business partner. Every one [of these startups] has been a challenge — we’ve had to bootstrap every single one because there’s been no culture here.”

The iZone team wanted to create a physical space where people could come together to brainstorm ideas, find mentors and bounce entrepreneurial projects off venture capitalists. They wanted a place where people could inspire one another to bring their visions to fruition. And they wanted local businesses to turn to a creative space for recruiting events. Augusta, which has a population of just under 200,000, tends to draw millennials for a new cyber facility and a university hospital, but then they leave for larger cities. “There’s nowhere in our downtown for young people to go unless they want to drink,” says John Cates, an attorney and one of the founders. He and Wafford say they looked at existing hubs like the Atlanta Tech Village for motivation. “We needed to create an environment where the best and brightest can stick around.”

Wafford, Cates and the rest of their team — all of whom are working on this pro bono — worked closely with the city of Augusta to find an open space downtown that could launch this renaissance. One of the buildings they chose is an old Woolworth department store. People can join as members and check out co-working spaces. There will be offices for rent, conference rooms, restaurants and storefronts.

Over 200 people are on the waitlist for memberships, and 40% of the office space on the second floor has been reserved. Not all of those interested are locals. Wafford says he and his team are traveling all over, including to Silicon Valley, to meet with startups. They’ve also been encouraging venture capitalists to keep tabs on their progress. The huge difference in cost in living and rental space just might persuade a few entrepreneurs to move. “The wifi is just as good here as it is in Silicon Valley,” Wafford says. “We can extend your runway by 24 months [if you move your startup] to Augusta.”

The short-term goal is to get the Augusta Innovation Zone up and running by the end of 2017. The long-term goal is to use this iZone as a model for similar spaces around the country. “I definitely think there is an opportunity to help other post-industrialized cities thrive again economically,” Wafford says. “Obviously, being able to offer startup companies an ecosystem that has access to talent and funding is a key component to their success and longevity.”

Like Augusta, these small cities now have access to world-class internet, low cost of living and plenty of empty warehouse space. Wafford hopes to demonstrate that it’s possible to thrive outside of a major metropolitan area as a savvy tech startup.

“We hope by documenting the process here in Augusta we can share our findings with other nonprofits around the nation to help build a real model for success,” Wafford says. “Long term, we hope to be in the business of nation-building from the grassroots level. I foresee a day when we have five to 10 cities a year launching the same kind of space out of old factories and gas stations and closed malls.”

This piece was originally published in Forbes. 

Paul Rosenzweig On How Trump’s Policies Will Transform Silicon Valley

To some, President Trump’s travel ban is morally questionable and bad for business but according to cybersecurity expert Paul Rosenzweig, there are bigger problems lurking, especially for the tech industry.

Rosenzweig, founder of Red Branch Consulting, a homeland security consultancy, and former policy wonk in the Department of Homeland Security, says the bigger risk is in the ending of premium processing for H-1B visas – which will slow innovation in Silicon Valley. Until now, companies could pay to have a visa for a highly skilled worker processed in just 15 days, rather than wait the typical four to six months. “That’s going to put a significant crimp in the development cycle, because there just aren’t going to be the horses to do it,” Rosenzweig said during an interview for the A Step Ahead podcast.

Another problem weighing on Rosenzweig is the recent WikiLeaks CIA bombshell that showed that the CIA, as well as the Russian and Chinese governments, among others, are working to exploit vulnerabilities in consumer products. That means hardware and software development in the Valley will have to shift focus. Developers will have to use what Rosenzweig calls “defensive developing,” with the expectation that products will be placed under assault.

“It’s a sea change,” Rosenzweig says. “The product cycle has been all about the rush to market and functionality.”

Like what you hear? Subscribe to A Step Ahead on iTunes.

A Step Ahead: Paul Rosenzweig

Cyber security is on everyone’s mind these days with the release of the news from WikiLeaks about the CIA hacking. Today on A Step Ahead, we spend time talking to an expert who’s worked in the private sector, but also with the Department of Homeland Security post 9/11. He understands the issues and the implications for Silicon Valley. Thanks for tuning in.

Welcome to the A Step Ahead podcast. I’m Mike Montgomery, the Executive Director of CALinnovates. Today I am joined by cyber security expert Paul Rosenzweig, who is the founder of Red Branch Consulting and a contributor at the Lawfare Blog. Paul, thanks for joining us today.

Paul Rosenzweig: Thanks a lot for having me, Mike. It’s great to be here.

Absolutely. Let’s kick this off with some non-controversial issues, like for instance the travel ban. Silicon Valley is probably safe to say about 99.9% against the travel ban. What are your thought on the ban and its affect on innovation?

Answering the second part of that first, as to the affect on innovation, I think the ban is less likely to be significant than something else that happened in the last week or so, which was the end of premium processing of H1B visas. H1B visas are the visas that are extended to experts, things like computer engineers from India, for example. That is the source of much of the talent, not all of it, but a lot of the talent that resides in Silicon Valley, and expedited processing that would bring somebody in in 15 days instead of four months or six months…that’s gone away now as part of revamping the vetting process. That’s going to put a significant crimp in the development cycles in the valley, because they just won’t have the horses to do it.

As to the actual ban itself, the one that’s targeted at six Arab countries now is not going to have a real effect on innovation. I’m sure there were a few engineers from those countries who can’t get here now, but the major effect there is going to be on collateral effects on American business abroad and American image abroad. It’s much harder to sell your product when people don’t like America. People like America a lot less when we’re being mean to the rest of the world. There you go.

Right. Paul Rosenzweig is joining us today, you have standing on this, because you worked at the Department of Homeland Security post 9/11. You understand the politics in the countries that we’re talking about in great depth, right? When you look at this travel ban versus what America has been since its founding, which has been a place of openness and inclusion, and you’re looking at it through a Silicon Valley perspective—which is that different insights and abilities to take risk have driven the innovation cycle, that message that’s being sent out to the rest of the world is not very positive. Is that right?

I think that’s right. As a homeland security guy, I’m all for valuable security, but this is painting with a broad brush. My idea of security is individuated concern and suspicion, developing information about particular people so that we know that Mike has traveled to the FATA and spent six months there. We don’t know what he did, but we can assume he took training. Now he’s back here, and his Facebook posts are all jihad this and jihad that. That’s a good reason to be worried about Mike. This is all hypothetical, by the way, with the hopes…

Thank you. Thank you, Paul. NSA, if you’re listening, this is all hypothetical.

Right. That’s the way to do security. The way to not do security is to pick essentially six countries and paint with a broad brush and tar everybody that wants to come here from there as if they were terrorists, especially when the six countries we’ve picked are not the ones that the greatest terrorist threats originate from. Notable by their absence from the list are Pakistan, Saudi Arabia, where 11 of the 19 9/11 terrorists came from. We have not had a significant influx of terrorists from Yemen. In fact, the Department of Homeland Security’s intelligence analysis unit put out a report that was disavowed by the Trump administration in which it said basically there’s no correlation between these geographic regions and terrorist threats.

What’s driving the creation of these lists? Who’s on it? Who’s off? What’s the thought process there?

It’s hard for me to say, obviously. If I knew president Trump’s thought processes precisely, I’d be making a lot more money than I am right now. They’re small countries that we can essentially bully. We didn’t pick on Saudi Arabia because we need their oil. We didn’t pick on Pakistan, because we need their help in fighting Al Qaeda and other insurgents in the FATA and in Afghanistan. What we did do is we picked on either people we really don’t like at all, like Iran, or people who can’t respond very sensibly like Yemen. That’s my guess.

Yeah. Okay. That probably leaves out the idea of homegrown terrorists as well, correct?

Oh yeah, right. Leave aside the fact that 80% of the attacks that we’ve seen lately in the US are people who are here legally or have been here for years or were born here and self-radicalized or internet radicalized.

Yeah. All of this does have an effect on American society. I know that I think the general feeling in California is that focus and productivity has probably been a little bit down since inauguration. Personal safety fears are up. That has an economic effect on the country as well.

I think that’s right. The psychological effect I’m sure in places that didn’t vote for Trump, people are kind of like me, confused and depressed. On the other hand, we do have to recognize that 60 million of our fellow citizens voted for the man, 61 million. That’s a pretty big number of people who are happy. That reflects their concerns, many of which are tied to this immigration ban not in any real sense of homeland security threats, but in a more broad based sense of kind of loss of identity, loss of jobs, that sort of thing. Again, I can’t speak for them, but their concerns are not any less real simply because you and I can’t relate to them as well as we might.

Got it. Let’s pivot here to talking about the news that broke earlier this week from WikiLeaks regarding the CIA’s programs. Can you tell us for our listeners on A Step Ahead what they should know, what kind of the general synopsis of the issue is? Why is this a big deal? Why did this come out, and what should we know?

It’s a big deal for two reasons. The narrow technical one is that it demonstrates that the CIA, and by inference, lots of other nations are visibly engaged in finding vulnerabilities in consumer products to the advantage of governments. I have no doubt that anything that the CIA learned, probably the Russians and the Chinese learned, plus a number of others that they’ve learned that we haven’t found ourselves yet. The significance there is really that people who are developing hardware and software in the valley are increasingly going to have to engage in what I call defensive development, that is developing products, software, hardware, applications, whatever, with the expectation that outsiders will place them under assault. That’s a sea change change. Product cycles right now are all about rush to market, functionality, minimum functionality sorts of things. Now that may have to change some.

The second broader piece of this is simply a reflection of the fact that American interests, or perhaps more broadly, western interests, are really under assault right now. WikiLeaks is engaged in program of trying to tear down the western governmental system, whether it’s because they’re anarchists or because they’re in the pockets of the Russians I’ll leave for others to decide, but we’re not responding very well. We have not found a way of keeping secrets. We have not found a way of publicly justifying what governments do. Maybe some of your listeners think that it’s unjustifiable, and they’re rooting WikiLeaks on. For me, at least, I think that eroding that kind of governmental trust is going to be bad across the board for all of us.

The idea of information sharing has been one that’s been bandied about, and it seems that the government is in favor of tech companies sharing information. Does it appear to you that this WikiLeaks leak will…you talk about eroding trust. Will it erode trust between private entities and government agencies?

I think that’s inevitable. The WikiLeaks leak, the fact that president Trump has no real friends in the valley, except for Peter Thiel. I don’t know if you saw today, but he named his new cyber security advisor, the national cyber security advisor is a man who used to be head of the Tailored Access Office at the NSA, so a guy whose main job was breaking into systems is now the head of cyber security. That’s not going to play very well in the valley, at least I wouldn’t think it would. I think we’re in for a difficult patch of time where there’s going to be increasingly greater tension between tech developers in California and Washington policy makers.

You don’t like the phrase cyber war. You have a different phrase for it, right? What do you call it?

I prefer conflict, cyber conflict, cyber context.

Cyber conflict.

The reason is simply that if it’s war, that means that it’s also legal to add bombs and tanks and send them in as well. I sort of tend to think that we should limit that description to real incidents where people are getting shot at. If a bunch of baby electrons are dying, that’s not quite the same thing.

I got it. So a virus is not akin to a drone blast, per se.

Not unless the virus blows up the generator at the dam by causing it to overheat or something like that.

Okay.

That’s possible, right?

Yeah. Is cyber conflict the next attack plane? If so, what does that look like for the innovation community?

Oh, I think that’s really what we’re experiencing. The CIA that we were just discussing, the information operations that are being run by Russia in an effort to influence the American election, now the French and the German elect, and the Czech elections as well. Those are all part and parcel of what I call conflict. I don’t want to minimize them. They’re extremely serious and significant incidents. You might even think that they’re more important, because eroding trust in democracy is a lot worse than blowing up a dam in a lot of ways. That’s the plane at which conflict is happening now. It’s much more shadowy. It’s much more difficult to attribute things. It’s got a lot of deniability. One of my favorite things out of the CIA hack, not really favorite in the sense of I like it is that Sean Hannity is now saying that he thinks that this proves that the CIA are the ones who hacked the Democratic National Committee and tried to frame the Russians.

Which is possible.

Let’s start with it would be vastly illegal, because the CIA is not chartered to examine the conduct of any American, much less political opponent, politicians. It’s highly improbable, since of course it means that the Obama CIA was trying to hack Hillary Clinton, Obama’s hand-chosen successor. Then of course it’s nonsensical, because they then released it to ensure the election of Donald Trump, who they apparently hate now. They were working to elect Donald Trump? It makes no sense at all, but there’s enough uncertainty in this domain that some conspiracy theorists on the far right are going to give this credence.

This sounds almost silly to even ask you this question, but can there be ethics for nations around hacking each other?

There might be. The development we call the norms rather than ethics, norms of behavior that governments would abide by, we try and develop them, and I could imagine a few of them maybe taking hold, for example, not destroying the domain name system so that all look-ups couldn’t work. That would be kind of like critical infrastructure for the world that governments might get around to declaring off limits. The major problem with this is not the inability to identify norms with other governments, because at bottom, the Chinese and the Russians are rational. They’re not into blowing up the world.

The problem is that cyber is a democratizing instrument of power so that the norms would also have to be ones that you would be confident that all the small actors, the non-state actors, like the WikiLeaks’s and the Anonymous’s and the LulzSec’s and the Al Qaeda’s and the Earth Liberatin Front’s would also honor. Fundamentally, many of those non-state actors are not rational in the same sense that the nation states are rational. They might just decide that destroying the global financial system would be great, because we could go back to the barter economy when the means of production were in the hands of the working man. I’ve just made that up.

Isn’t that what Mr. Robot tried to do?

Yeah, exactly. You could sort of imagine somebody like that. Imagine a real Mr. Robot with a lot of capability, and ask yourself would he ever abide by norms, even if the US, China, Russia, Germany, Israel, France, Iran, Saudi Arabia, and South Africa agreed to them? The answer is, well, no.

That seems like that’s why it kind of almost sounds like a silly question, because why would you agree to ground rules if this is cyber, if you even escalate it, just for a second escalate it to warfare, why should there be rules? That makes it difficult.

That makes it very, very difficult.

You’re listening to the A Step Ahead podcast. Mike Montgomery here with the founder of Red Branch Consulting, Paul Rosenzweig who is one of the leading cyber security experts in the entire world. We’re lucky to have you on today, Paul. We really are. We’re talking about a guy who is with the Department of Homeland Security, has seen and heard and experienced things that the rest of us will hopefully never have to see or experience, but your role has been to keep people safe, keep the country safe, to keep us safe and secure. There’s this phrase that keeps coming up called the vulnerabilities equities process, the VEP. What is that, and why should Silicon Valley know what that means?

That’s a great question. Silicon Valley knows what vulnerabilities are. There are zero day vulnerabilities in new operating systems or new attack vectors through new applications, all that sort of thing. Sometimes those vulnerabilities are discovered not by malicious actors in Russia, but by the United States government. The question that the vulnerabilities equities process asks is should the US government hoard those vulnerabilities and use them for its own purposes in foreign intelligence, or should it disclose those vulnerabilities to the manufacturers, the tech industry in the valley so that the valley can patch those holes?

Almost all of the CIA’s vulnerability attacks that we just learned about are ones that might have been disclosed back to the original hardware or software manufacturer in the first instance. If they had done that, then the manufacturer might have patched that, in which case the CIA would not have been able to use them to spy on the Russians, for example. The equities process is kind of weighing that in the balance, deciding which ones to disclose back to the manufacturers, which ones to save for a rainy day. According to the Obama White House, about 90% of what we discover we disclose back to the balance. Of course, the flip of that means that there’s 10% we keep.

That 10% is a pretty heavy thumb on the scale, though.

Well, it depends on your viewpoint on how good the government is at measuring that, those equities, whether or not there’s greater utility in them. A famous example is the FBI famously wanted into Apple’s iPhone about a year and a half ago. Apple said no. The FBI bought a vulnerability from somebody, the press says it was an Israeli hacker, and used it to break into the phone, at which point Apple said, “Could you tell us about that so we can fix it and close it up?” The FBI politely said, “Go pound sand.” Actually, they didn’t quite say that, but they said, “You wouldn’t help us, dudes. Yeah, we’re not helping you.” That vulnerability will age out, because it was in the iPhone 4 and 5, and we’re up to the 6 now. It clearly is not going to be a long-term value to the FBI, but that was kind of the equity process that the FBI went through. One of the pieces of the equity process was, “You’re not helping us. Why would we help you?” Which seems a little childish, but also seems understandable.

I guess so. When you think about the vulnerabilities that could be patched by US companies, in some instances these vulnerabilities are threatening to the US economy and US productivity. It seems, in some instances, that the CIA got the espionage part of this right, but perhaps they got a lot of the rest of it wrong. Do you agree with that or not?

I think that’s quite plausible. I certainly know that that was true with a lot of the vulnerabilities that Snowden was famous for releasing. If I were the valley and I had one ask about the vulnerabilities equities process, it would be to make sure that somebody with their interest in mind is at the table pitching. They want in themselves, but they’re never going to get in, because it’s a government thing. It should be the Department of Commerce, NCIA, Office of Science and Technology Policy, there’s a whole bunch of people who are on the technology innovation development side who need to be heard in this process, whose voices need to be part of the discussion.

Are you somebody who can help these companies be heard?

Yes. Send them to me, Red Branch Consulting. Yeah. That’s what I try and do for a living. One of my great frustrations, frankly, with the valley, especially with the small entrepreneurial innovators is that they don’t understand enough about Washington, and they don’t think it matters to them. I get the focus. They’re about getting out version one of the greatest next thing, but the lack of insight into Washington and the lack of concern for it is unfortunately…I have a phrase. I will use it. You know what an alpha predator is?

Sure.

Alpha predator, top of the food chain, the shark. Washington is the alpha predator in the policy world. The small entrepreneurs in the valley spend most of their time believing that Washington is irrelevant to them. Most of the time they’re right until they’re wrong, until Washington cuts off their computer engineers, or mandates backdoors and encryption, or puts together a vulnerability equity process that does not include the equities of small and medium size developers who are trying to break into the market and dearly would love to know about mistakes in their code so that they can make better a product. That’s what the valley is missing, I think.

Yeah, and I think you’re right. Some people get that. The problem is it’s almost like life insurance, right?

Exactly. Nobody wants it or even has insurance. If you’re 25, you don’t go with it, because you figure I’m invulnerable.

Yeah.

Then you die.

Exactly. I think that’s a really good point that you make. You got to have a seat at the table. Some of the challenge is a lot of these smaller companies, the startups, will ride the coattails of larger companies because they can’t afford it, or they don’t have the knowledge base to work with an advocacy group like CALinnovates or an advisory group like Red Branch Consulting. I think we do play a valuable role in bringing those voices to the table.

I think that’s essential, and frankly I get the idea of slipstreaming in the wake of the big boys, but the small innovator and big boys are not always on the same page. They may be sometimes, but encryption is a great example. The big boys don’t want encryption, but if they have to do it, they’ll just change the code when they can afford to. If you’re a small guy who’s been building encryption into the middle of your product and all of a sudden you get a mandate to put in a backdoor, that’s 12 months of runway that you just lost.

Yeah, which is life and death.

Yeah, and so you’re dead. For Microsoft, it’s a pain in the ass. For Apple, it’s a product hit. For your average next startup, it’s the end of life.

What can happen here? Can there be a lawful hacking regime with rules put in place by Congress?

I think there has to be. Whether there should be or not, I don’t know, but there has to be, because if not, there’s only going to be unlawful hacking. We need to find some way of building a system where people who want to be in a position to defend themselves can do so in a way that is lawful without becoming the wrong side of the law right away. That’s an essential part of the puzzle. It might not be necessary if we could find a way to clamp down on hacking altogether, but that’s just not going to happen, right?

Right. Paul, there’s a theory out there that it’s not just the CIA that’s doing work like this, but it’s also the NSA and the Department of Justice. If that is the case, why would the United States have three different agencies spending time and resources doing the same thing three times over?

That’s a great question, but I think that the answer is we believe in separation of functionality as a way of protecting liberty. The FBI operates domestically. The NSA and CIA operate overseas. We hope that we can constrain them to just operating overseas so that we never unleash them. The FBI is focused exclusively on criminal activity, and it’s subject to the restrictions of judges with warrants and probably cause requirements. The NSA and CIA, they don’t have rules. There’s no American law that makes it a crime to hack a Russian Samsung TV. In fact, that’s what we want them to do. We have more than $50 billion in budget to get them to be able to do that. Traditionally, the NSA has been focused on signals intelligence, so they were communications, and the CIA has been focused on personal individual human intelligence. Now with the development of bring your own device, small devices, those two are sort of converging. The CIA and the NSA are starting to have digital overlap. That needs to be worked out, but their separation is historically a valid one as well.

Okay. Then what’s the optimal path forward on cyber from the perspective of the innovation economy?

I think the first step is be informed. Don’t live in your little bubble. I’m about to start a monthly newsletter. If you want in, send me an email. Send it.

Sign me up.

Yeah, okay. I will.

Where can we send that? Where can we find you right now? Let’s talk about that.

Okay, it’s redbranchconsulting.com. All one word. redbranch.consulting.com. It’s Paul.Rosenzweig, R-O-S-E-N-Z-W-E-I-G @redbranchconsulting. Send me an email. Sign up. I’m shooting for monthly now, just bringing Washington to the valley. Right now it’s free. Eventually maybe someday I’ll charge for it, but we’ll see about that. It’s something I just started a little while ago for this very reason, that innovative people don’t know what’s happening.

Right. People want a path forward. They want to know that there is a tactical path forward for them. What does that generally look like? If you could pull out your paintbrush and kind of paint that with words here right now, how would you do that?

After awareness comes action. My action items I think would be engagement with Congress and the executive branch about the issues that are closest to them. If you are interested in encryption because a change in encryption law will destroy your company, what we talk about in the newsletter is there’s a comment period. Put your word in. Say this is what…talk to your congressmen. Write an op-ed for a local newspaper. Write an op-ed for one of the trade magazines that does this. Write an op-ed for the CALinnovates newsletter, right?

There you go.

Something like that. All of those things are eminently plausible and ways of going forward. The most important thing besides awareness and engagement is kind of organization. Right now, the entrepreneur community is diffuse. They don’t do this. They need to, frankly, join CALinnovates or something like that. Sorry, had to do the plug.

Thank you.

It’s true. If you’re a small entrepreneur, you don’t have the wherewithal to do all this yourself, but you need somebody who’s looking at what’s happening in Sacramento and what’s happening in Washington to give you an alert if there’s something that really needs your attention, tracks legislation for you, warns you that a regulation is coming that’s going to destroy your business model. This is how it is. The last step, of course, is eventually when you get big enough to afford it, put your money where your mouth is, and start buying ads, making political contributions, that sort of thing. Eventually that’s where you have to go.

Right. You and I have had a few conversations about agile methods and 18F. I think this is one of your favorite things to talk about lately. Can you tell us about agile methods and 18F and why that matters for the innovation community?

Sure. This is exactly one of the things that people on the west coast ought to be aware of is happening on the east coast. Most of your listeners probably know what agile methods are. They’re a quick agile method of software and hardware development that trots out new functionalities one at a time. We go from version 1.1.1 to 1.1.2. If 1.1.2 doesn’t work, we back up, and then we go to 1.1.3. It doesn’t have 1.2. It’s modular. It’s supple. It changes quickly. It’s short on documentation, long on deploying functionality quickly, and it’s absolutely not how Washington works. Washington works by something we call the waterfall method, where they sit up at the top and they spend two years thinking about their requirements, then they do two more years of design, two more years of development, two more years of implementation and testing, and then eight years later they trot out an entire program that can do everything, but is so out of date that nothing is left on it. Instead of saving the feedback and comments pain for later, they make sure that that’s in there, too, but which time the entire program is dead.

18F was an innovation of the Obama administration to bring Agile methods to software development in the federal government. They were started in the wake of the healthcare.gov website disaster. President Obama sent up a flare to his friends in Silicon Valley and said, “Send me some people with chops here who know what they’re doing and bring them to Washington to help me fix that.” They fixed that, and they did some really good work on the Veteran’s Administration’s website and systems, the US Citizenship and Immigration services, which is in the process of digitizing all of its records that are still paper files from the 1800s. That’s a huge project, and it needs a lot of Agility in its development. They’re working on that. They did some work for FIMA in quicker responses to emergency measures. Great stuff, but along the way, what they did was they used their west coast methodology. They used off-the-shelf technology. They stinted on documentation, frankly.

The General Services Administration, which is the main provider of services through the government came in, and the inspector general just wrote a scathing report in which it said, “You’re using unauthorized software on federal systems.” That really sounds bad, doesn’t it? I wouldn’t want anybody to use unauthorized software on a federal system, because that might be insecure, except that it’s not. What they meant was that they were using common, off-the-shelf technology like Hootsuite and Pingdom, which half the websites in the world use to monitor their performances. That was what they were critiqued for.

Interesting. Let me ask you a quick question.

Yeah, so what’s…sure.

The CIA probably has a way in on many of those programs anyway, and other nation states do as well, right?

That’s true, but I don’t think there’s any evidence that Pingdom is less secure than an in-house developed web program.

It’s likely more secure, right?

Right, because it’s got 700,000 users in 22 countries, including Facebook and Spotify. I happened to look that up the other day. If there was a problem, these guys would have found it. Somebody would have reported it last year, and they’d have fixed it, right?

Yep.

That’s how the real world of development works in California, and frankly in Silicon Valley and the Silicon Corridor in Boston and in Virginia. That’s not how the US government works. The US government is a no-defect, audit everything system that destroys you if you don’t check every box, but checking the box is not security. What is security is what works.

What’s the future of 18F?

In doubt right now, under assault by the GFA Inspector General. A couple of really bad press pieces in the DC Press, which we designed to take them down, more sophisticated people like me are trying to boost them up. This is a precise instance in which people from Silicon Valley who understand this ought to be calling back to anybody they know in Washington and saying, “Look, get real. This is good stuff. Don’t let the federal bureaucracy kill innovation with its rigid checklist methodologies, otherwise these federal IT systems are never going to be up to speed. They’re always going to be two generations behind and incapable of supporting innovative technology. This is precisely one of those things that people need to talk about.

You’re right, the idea of modernization is very important. Being antiquated is bad for the citizenry, it’s probably bad for security, and it’s not very efficient. I think from the sounds of it, we can get behind the 18F movement, and it sounds like something that should continue.

I think so. I have no dog in this fight. I don’t know anybody at 18F. I got a lot of nice notes from people recently because I wrote something about it, but it’s easy to see that if you understand how the valley works, but this is not how Washington works, but it should be.

Yeah, it should be. It seems like there’s a lot of debate about that right now on a number of issues across the country. I think that the products that are being developed and the platforms that are being developed in Silicon Valley affect the country and the world mostly in very positive ways. The thought process is there, and I think that the administration needs to consider the fact that a lot of these products and platforms and services are being developed by immigrants. To come full circle here, Paul, it seems a little bit short-sighted to slam the door when we, at least out here in California, believe that Silicon Valley is one of the strongest aspects of the U.S. economy. We need to do everything we can to help move that forward, whether that’s expedited processing of H1Bs or just simply more H1Bs rather than less or no expediting.

We need to supercharge the innovation economy. We need to supercharge the workforce. We probably need to work on educating the workforce better at a younger age so that we can fill more of those jobs. We should be inclusive. We should be welcoming, and we need to do everything we can at this point in time to support innovation. I think it all really ties together quite nicely with a bow. There is interplay between private sector and government. We get that, but when there are things like what the CIA has done that could affect companies and could affect startups, one vulnerability could ruin a startup. There’s no retribution. There’s nothing. You can’t go sue the CIA for not disclosing or putting this before the VEP. We’ve got a long ways to go, I think.

I agree completely. It really strikes me that at a very fundamental level there’s a lack of understanding of how innovation happens in Washington. That’s something that has to change, or it will never get it right.

Yeah. Those are words of wisdom from Paul Rosenzweig, the founder of Red Branch Consulting. You can also find him on the Lawfare Blog. You write quite often, I think. It looks like maybe even weekly, right?

Yep.

Yeah.

Probably at least. Whenever something happens. Blogging is like that.

Yeah, and something seems to be happening pretty often these days. Paul, thanks for joining us on A Step Ahead. It’s been a pleasure to talk with you, and I hope that we can expect you back when other things happen in the cyber and the security world. Then we can work them out and talk them through and help our listeners understand what’s going on.

I would love to come back any time you invite me.

Good.

Thanks for having me on.

Absolutely. For our listeners, look up Red Branch Consulting and Paul Rosenzweig. He is a cyber security expert, and maybe he can be yours. Thanks for listening, everyone.

Page 5 of 31« First...34567...102030...Last »