Platform Access

Net Neutrality Redux: Americans Want Certainty; See Tech Giants and ISPs in Similar Light

Sixty-Two Percent of Americans Are Either Unsure or Believe Tech Companies and ISPs Are about the Same When It Comes to Protecting Privacy

San Francisco, CA, December 11, 2017 – After more than a decade of squabbling over so-called Net Neutrality rules, Americans want the issue settled once and for all to create certainty, according to a new survey by technology advocacy group CALinnovates.

Sixty-one percent of Americans, for example, report that creating regulatory certainty is important for the future of the internet and innovation.

But underlying that desire to settle the issue, according to the survey, is a growing sense that the technology companies driving the net neutrality debate aren’t different from their internet service provider opponents. The survey of 1,116 Americans found that:

  • Only slightly more than 1 in 3 Americans saw a difference between tech companies such as Google and Facebook and ISPs such as Verizon when it came to protecting their privacy. In fact, 62 percent reported that they are about the same or are not sure.
  • When it came to which companies they are more likely to trust, ISPs such as AT&T, Verizon and Comcast (20%) were slightly ahead of tech companies such as Google, Facebook and Twitter (18%). Overall, 50 percent of Americans said they trust or distrust them about equally.
  • And when it came to which of the sectors had the most to gain from net neutrality, it was again even. Sixteen percent of Americans thought tech companies because they want to maintain access as cheaply as possible, while the same amount said ISPs because they don’t want rules imposed on them.

“Americans intuitively understand that this never-ending game of policy pingpong over net neutrality must come to an end so consumers and the tech ecosystem can move on and focus fully on making magic,” said Mike Montgomery, Executive Director of CALinnovates. “With yet another FCC vote ahead, it’s time to bring this to a conclusion so we can get on with the business of innovating and delivering services consumers want.”

What the survey data reflects is the issues’ complexity and Americans’ struggle to understand its impact. Nearly the same number of Americans said they don’t understand the issue (45 percent) as said they do (48 percent).

But even if many don’t completely grasp net neutrality , they are looking for leadership from Washington to sort it out once and for all. And whatever happens, 82 percent of Americans want the FCC, which is slated to vote on net neutrality rules shortly, to be transparent about the proposed rule changes in advance of a vote.

The CALinnovates survey of 1,116 Americans was conducted from Nov. 27-Nov. 30 and has a margin of error of +/- 3 percent.

ABOUT CALINNOVATES

CALinnovates is a non-partisan technology advocacy coalition of tech companies, founders, funders and nonprofits.

Congress Must Answer the Call for Net Neutrality

A statement from CALinnovates Executive Director Mike Montgomery:

“Hopefully this puts to rest the FCC’s recurring role in this decade-plus long tragicomedy and forces Congress to deliver a lasting solution that will provide innovators and consumers the clarity, certainty and protections they require to navigate the digital era in which we live.

“In releasing the white copy rules for public review three weeks before the Commission’s vote, Chairman Pai has removed a lingering opaqueness that has obscured the openness the public deserves. Such transparency is far overdue at the 83-year-old FCC.

“Americans overwhelmingly favor a permanent law over regulations that can be changed from administration to administration. The power – and responsibility – to make those rules sits unquestionably on the shoulders of Congress. Despite ongoing Congressional gridlock, legislators must answer today’s call to develop clear, bipartisan rules that guarantee bright line protections.”

The Personal Enterprise Economy Lets Us All Be Entrepreneurs

By Kish Rajan

Imagine setting out to be a wedding photographer or a dog trainer as little as 10 years ago. These kinds of jobs required enormous effort to get off the ground. Often people working as sole proprietors had to not only be great at their jobs, they had to be marketers and book keepers as well. It was enough of a barrier to keep plenty of people in unfulfilling, and often low paying, jobs.

Today that’s changing. Platforms like Thumbtack give these kinds of professionals a digital space where they can easily start their businesses. Thumbtack brings the customer leads to the pros and then facilitates payments handling both the marketing and the book keeping.

That means that people who might have previously been afraid to follow their dreams can now start their own businesses. People in dead-end jobs can find ways to forge their own path.

Technological advances have enabled people to turn their passions into their livelihoods by making it easier to connect with customers. Now, benefits, licensing and other necessities of doing business need to follow suit.

Postmates is having a similar effect in the restaurant industry.

A decade ago, starting a small bakery or restaurant was an almost insane endeavor. Margins at food businesses are notoriously thin and while the right location can get you plenty of foot traffic, it can also cost more than many budding entrepreneurs can afford.

With Postmates, a small, out of the way restaurant has as much of a chance to thrive as one in a better location. As long as a Postmates driver can get there, the restaurant can attract online diners who want food delivered to their homes.

We hear a lot about how automation is hurting jobs but we hear a lot less about how technology is helping people who are building businesses in the service industry. This is a regular topic of discussion between the tech industry and members of the California Legislative Technology and Innovation Caucus.

The truth is that the nature of work has been changing for many years—long before companies like Uber and Airbnb came along. While layoffs were once a big problem for people who worked in manufacturing, today more people are quitting than getting fired. While politicians might bluster about returning to a mid-century economy, workers on the ground are quickly adjusting to the new reality.

What are often called gig economy companies are making up the difference. I prefer to call this sector the personal enterprise economy because what it’s really doing is giving everyone, no matter what your skill, a new way to build a business.

On Thumbtack, for example, two-thirds of the professionals on the platform work full time. That means these aren’t people scrambling to make ends meet from a second job. They are entrepreneurs who have built their own businesses often doing what they love. The service is available in all but one county in the United States making it a truly democratizing force.

These new technology platforms are giving people new ways to work and creating new opportunities. To pretend they are actually the forces destroying jobs is misread the tea leaves.

But we can do more to help people in this new economy succeed.

As we move into the future of work, government and businesses need to think about how to help workers succeed in the new economy. Benefits need to be decoupled from corporations. Licensing should not be tied to a specific small municipality. Professionals should be able to easily ply their trade across country lines. And training and retraining need to become high priority.

We are just at the beginning of this conversation but it’s crucial that we continue talking—and listening to new perspectives. That’s why tomorrow, CALinnovates, along with TechNet, Senator Cannella and Assemblymember Gray, is hosting the inaugural Valley to Valley Forum at UC Merced.

End The Policy Pingpong, Cement Net Neutrality Into Law

By Mike Montgomery

Like any reality show that hinges on ginning up new drama for its captivated viewers, the debate over net neutrality, now more than a decade old, is fueled by manufactured conflict.

Since 2005, here’s the scorecard: three attempts by the Federal Communications Commission (FCC) to implement net neutrality rules, two reversals, endless litigation and a whole lot of outrage by interest groups and think tanks on all sides of the issue that rely on perpetual conflict to fundraise.

That outrage has worked, inspiring more than 20 million net neutrality comments since 2014 — more than have been submitted about any issue in FCC history.

 

This endless loop is not doing most stakeholders any good; not the small businesses that net neutrality is designed to protect from being relegated to slow lanes, nor the consumers who want the new services and ever-increasing internet speeds that innovation and investment create.

Americans seem to understand this: According to a new survey, Americans overwhelmingly favor a permanent law over regulations that can be changed from administration to administration. Indeed, 74 percent of Americans said they would support net neutrality legislation that enabled them to use the internet free from government or corporate censorship, while creating rules that ensure a level playing field.

It’s time to end the slowest game of policy pingpong before it drags into another decade. It is high time for Congress to finally step up — after multiple decades of hibernation — and pass affirmative, bipartisan legislation that makes net neutrality the law of the land. That is something that CALinnovates has proposed for three years now; we are gratified that others are finally jumping on the bandwagon.

Unfortunately, many still balk. They would rather decry what the FCC is doing in reconsidering the Open Internet Order or rail against “government control.” In an ironic move, the “Day of Action” really highlighted the inaction we are stuck with — yet another round of public protests and bluster against the inevitable FCC reconsideration of the Open Internet Order instead of real action to demand that Congress enshrine net neutrality into law.

Let’s call that what it is: faux outrage. There is an opportunity — right now — to settle net neutrality once and for all with legislation that would ensure that whoever is in the White House and in charge of the FCC won’t rewrite the rules. Neither side is likely to get 100 percent of their demands, but there’s clear agreement over the core 95 percent that should be cemented into law.

Such legislation must guarantee clear rules that prohibit blocking and throttling and guarantee transparency. In short, there should be no discrimination whatsoever. Legislation should ensure that no “fast lanes” for preferred content are allowed to develop through paid prioritization, with few exceptions, such as free data. Free data (aka zero rating) and other offerings that don’t count against data caps must demonstrate how they provide consumer benefits and encourage, rather than stifle, competition.

Such legislation is likely to garner wide support, especially among younger voters. The recent survey revealed a surprising nuance about younger voters’ stance on internet governance. Contrary to previous understanding about millennials’ views on internet issues, the survey found these Americans are the most likely to think the internet is over-regulated. In fact, 18- to 29-year-olds were nearly twice as likely to favor congressional action over FCC oversight.

If Congress were to enact bipartisan legislation, the principles of an open internet would be the law — and the net neutrality reality show would be cancelled prior to season 13. Is there another option? Sure. Partisans could wait for the next Democratic president to appoint an FCC chair. At the earliest, that’s in 2021. Can the country go that long without net neutrality?

We can’t, and shouldn’t have to wait for inevitable swings in partisan control to settle this for the benefit of all sides. Congress must wake from its two-decade slumber regarding internet policy to take the decision away from the FCC and cement net neutrality once and for all.

As a strong supporter of the principles of net neutrality, CALinnovates believes Congress can muster such courage. Now it is time to see if interest groups representing all positions in this debate will set aside their faux outrage long enough to put their heads where their hearts are.

Mike Montgomery is the executive director of CALinnovates, a coalition of tech companies, founders, funders and nonprofits that aims to educate policymakers, elected officials and regulators on the virtues of the 21st-century digital economy and raise the issues of importance to the technology community at the local, state and federal levels of public policy.

This piece was originally published in The Hill.

The Dangers of a Geofenced Internet

By Tim Sparapani

A big part of the appeal of the World Wide Web has always been the first two words — “world” and “wide.” The internet represents an almost utopian ideal of a place where people around the globe can come together to share new ideas, create new products and even argue.

But as a privacy advocate, I fear we are rapidly hurtling toward the worst of all future states for the internet: one in which your present location dictates how much online privacy or free speech you enjoy. The current trend of carving up the country, and the globe, into an inconsistent patchwork of privacy and online speech laws benefits few and leaves too many exposed.

I’m a frequent traveler to California, and Assemblymember Ed Chau’s bill to mandate baseline privacy protections for consumers’ data got me thinking about the sorry state of privacy rights and the mistaken direction we are headed. If you are lucky enough to live in a state like California that favors privacy rights, you know that the region also favors policies that support innovation and places few limits on speech online.

But, since most of the world doesn’t live in such a digital utopia as California, many are likely to live, work and spend most of their time in a place that provides, at best, only moderate protections, while limiting what people can see, read or say online.

In the U.S., my fellow privacy advocates are seeking local regulations in reaction to failures at the federal level to enact wise data privacy and online speech policies. But Asm. Chau’s well-intentioned pro-privacy proposal is, unfortunately, only a bandage. It saps energy for the enactment of strong, nationwide policies to protect the privacy of consumers’ data — something we should all favor.

If the bill is enacted, when I visit California the ISPs I’ll encounter will protect my data more rigidly than those I use when I visit family in Wisconsin or am at my home in Washington, D.C. That leaves me less protected everywhere else and gives Californians an inflated sense of security while potentially leaving them exposed when they leave the state. That makes little sense. While I applaud California’s tradition of progressive privacy leadership, I deplore the fact that we don’t have basic privacy nationwide. For example, last year New Mexico became the 48th state to enact basic consumer protections for data breaches that leak consumers’ private data. But what about the residents of Alabama and South Dakota, or all of us when we visit those states for business or pleasure?

The danger of well-intentioned efforts that impose policy restrictions on the structure and content of the internet is real. While these proposals are laudable, personal privacy rights shouldn’t change from state to state. When Californians move around the country for work, to visit family or for vacation, they shouldn’t limit their travel based on states where they can privately and safely transmit medical or financial information, for example.

The same principle should hold true for Californians’ ability to access content or speak online as they travel the world. Restrictions in places like Turkey, Saudi Arabia, China and even across the European Union mangle the internet and make a mockery of the phrase “World Wide Web.”

Don’t mistake my message — I’m not saying we should get rid of all regulations. Instead, wise policies for the internet age — the kind that made California a beacon of innovation — should favor national and global norms that protect data while encouraging free speech. Consumers shouldn’t be left to fend for themselves under the lowest common denominator of protections. Instead, meaningful privacy protections need to be baked into national law.

If anything, the legislation should include more rigorous, broader privacy protections. The legislation should apply to offline businesses as well, instead of singling out ISPs, as retailers routinely obtain similarly sensitive information. The legislation should mandate that an ISP continue protections for Californian customers no matter where they travel to when using the same ISP, so that privacy protections would follow Californians across state lines at least some of the time. It should explicitly prohibit ISPs from obtaining roughly equivalent information about their customers by buying it from other companies that have it.

Most importantly, we need to give the Federal Trade Commission and the Office of the Attorney General of California the resources they need to protect consumer privacy both off- and online. We need robust enforcement of existing privacy laws coupled with a push for strong, nationwide protections.

The real danger in the internet age is states and countries erecting barriers that turn the web into a series of fiefdoms with different rules.

California can lead by example by promoting regulations that are robust and nationwide or global. But by enacting well-intentioned limitations on privacy, it gives encouragement to other well-intentioned rules. It prevents U.S. companies from arguing that rules on the web should be universal. After all, the rules in China to limit Chinese people’s access to the internet in the name of promoting security are also well-intentioned. The same is true for calls from French and Belgian national security agencies to force back doors in encrypted software and to limit speech in the name of potentially preventing radicalization. These types of regulations are always justifiable, but they turn the World Wide Web into a broken map full of unknown consequences.

That’s a destination that none of us wants to visit.

Tim Sparapani is Senior Policy Fellow at CALinnovates, a non-partisan technology advocacy coalition of tech companies, founders, funders and nonprofits.

This Attempt to Protect Internet Users’ Privacy Should Get an Error Message: Guest Commentary

By Mike Montgomery

Sometimes a good idea can come with unintended consequences. Take. for example, Assembly Bill 375, which is working its way through the California Legislature in the last few weeks of the session.

The bill, introduced by Assemblymember Ed Chau, D-Monterey Park, is well intentioned. It aims to limit how internet service providers (also known as ISPs) can use people’s personal data. Consumers would have to give opt-in consent before the ISPs could anonymize their data and then use it to learn about trends in the marketplace or TV viewing patterns.

But here’s the problem. If the Chau bill passes, it sets different standards in California than it does in other states. And implementing a different set of rules for Californians won’t create better online privacy for consumers. If anything, it will give residents in California a false sense of security.

The rules the state Legislature is proposing only apply to ISPs. This piecemeal approach means a website or app that you use frequently or only once can still collect, share and sell your data. Those ads you see after searching for a pair of shoes or a vacation destination online? Well that information is still being tracked by sites and vendors that would not be impacted by this bill.

A patchwork of regulations creates confusion for consumers, 94 percent of whom say they want their online data subject to a consistent set of privacy rules that apply to all reaches of the internet, according to data submitted to the Federal Communications Commission (FCC).

Inconsistent rules create confusion for consumers as well as entrepreneurs building internet companies in California and elsewhere. The startup community, which provides immense value to our state, would prefer to focus on consistent regulations when building and growing their platforms, not whether or not they are abiding by regulations that change from state to state.

That’s why CALinnovates continues to call for a single, federal policy to protect internet privacy across the country with one set of rules for innovators to follow and consumers to understand.

There is some good news, though. Not only does the Federal Trade Commission (FTC) still have oversight of privacy rules, but Californians are already protected by our “Little FTC Act,” which allows California’s attorney general to enforce federal privacy regulations. Additionally, there are numerous federal laws protecting sensitive consumer information around things like children’s data as well as financial and health-care information.

By enacting this legislation, California also risks its position as a progressive policy leader by setting restrictions on internet companies that don’t exist in other states. The law sends a message that our state is more interested in passing laws opposing the current presidential administration than in passing laws that protect consumers and create conditions for an ongoing virtuous cycle of investment, competition and job creation.

Privacy is essential. That’s why it needs to be tackled in a comprehensive manner by Congress. We need consistent regulations around privacy that apply to everyone, and across the entire internet ecosystem, no matter what state they live in or what their business model says about data collection and use.

Mike Montgomery is executive director of CALinnovates, a non-partisan technology advocacy coalition of tech companies, founders, funders and nonprofits.

This piece was originally published in LA Daily News.

Day of Action Should Not Just Be One Day

By Mike Montgomery

As many know, today is a day of action on net neutrality. For everyone who believes in the principle of net neutrality, however, we shouldn’t reserve just one day. That’s because for nearly a decade a cloud of uncertainty has hung over the future of net neutrality. It is time for that uncertainty to end but it will take a sustained effort, not just one day of protest to fix this. For too long the fate of net neutrality has been subject to whomever sits in the White House and nominates the FCC chairperson.

As we have been saying since 2014, we need to translate today’s day of action into a sustained effort to get Congress to write into law the principles of net neutrality, which are foundational in the digital age. That will protect entrepreneurs and provide a level playing field. This isn’t a new approach for CALinnovates as it is for many engaged in the debate. We have said for 3 years that legislation is not only important, but that it is vital. As one of the first voices to argue for legislation to codify these important principles in stone, we didn’t push the easy button and accept temporary regulations.

We know there are some who don’t see it that way. They would rather rail at the FCC for once again reversing its position. But what good does that do? If a Republican is in charge, the FCC sees net neutrality implementation one way; if a Democrat is in charge, the FCC sees implementation another way. Either way the other party raises campaign funds arguing that when they are in charge next they will switch things up. Meanwhile, consumers and entrepreneurs lack certainty that legislation would provide about fair, clear rules of the internet road.

This back and forth is the worst of all worlds because it creates uncertainty: for consumers, for entrepreneurs and for the infrastructure providers. Here’s what we know: the current FCC is going to go in a different direction when it comes to net neutrality. Whether you agree with that — and there are a lot of technologists and policymakers on both sides of the issue — that’s the political reality. So where do we go from here?

CALinnovates has long sought a third-way on net neutrality — one that ensures it is a guiding principle but doesn’t lock into place provisions that freeze future innovation. A lot of the focus has been on the FCC’s use of

Title II of the Communications Act of 1934. And it’s not just CALinnovates that is concerned with Title II — a large group of Internet pioneers have raised serious concerns (the list of these tech leaders is below).

Here’s what one leader, John Perry Barlow — the co-founder of the Electronic Freedom Foundation — wrote: “Telecom regulations give a lot of leverage to organizations whether governmental or corporate to close down the right to know. My long experience says as soon as you give government the authority to impose regulations on the Internet you are doing something to frustrate the right to know. People tend to presume on theoretical grounds a little right minded regulation will help people build beneficial architectures and organizations. I do not think there is anything to support that theory. Every time I have seen any sort of regulation of the Internet the results have been mayhem. Declaring the Internet and the telephone network to be the same thing is like declaring a Buick and a symphony to be the same thing because they both make noise.”

The problem with Title II is that although it does, in theory, ensure that all data is treated equally and that companies can’t carve out fast lanes, it also opens the door to the internet being frozen into a time capsule that discourages network modernization, which supports the next wave of innovation and increased competition among providers. The digital world moves at the speed of light. To slow growth to the speed of bureaucracy would have serious negative effects on the tech industry that is continually transforming.

When others were calling for regulations, we argued for legislation. We were ahead of the curve while others engaged in the food fight that defines the net neutrality debate. Now, though, we are glad others are finally echoing what we’ve been saying since 2014. Bipartisan legislation would end for once and for all the endless cycle of FCC rule-making, litigation by those who oppose it, more FCC rule-making, repeal of FCC rule-making, protests, more protests and counter-protests. Our position hasn’t made us popular with those who profit from protest, but it has been the right thing to do the whole time. Today, we reiterate our call for Congress to enact commonsense legislation that put flexible but important principles into law that protect consumers and give some direction to entrepreneurs.

If net neutrality is as important as we all say it is, it should be the law of the land, not a political hot potato resting on the third rail of American tech policy for another decade.

Tech leaders concerned about Title II regulation of the Internet :

1. John Perry Barlow, lyricist, activitist, and co-founder EFF

2. Gordon Bell, researcher emeritus, Microsoft

3. Mark Cuban, founder, AXS TV & Owner, Dallas Mavericks

4. Tim Draper, co-founder, Draper Fisher Jurvetson

5. Tom Evslin, founder & former, CEO ITXC

6. Dave Farber, Professor Emeritus, CMU & Board Member ISOC and EFF

7. Toby Farrand, VP Engineering, Ooma

8. David Frankel, founder ZipDX, Jetstream, & HD voice pioneer

9. Martin Geddes, former BT Strategy Director

10. Charlie Giancarlo, Sr Advisor, Silver Lake & former Chief Development Officer, Cisco

11. George Gilder, futurist and author

12. John Gilmore, activist and co-founder EFF

13. Bryan Martin, Chairman and CTO, 8×8

14. Doug Humphrey, co-founder Digex, Cidera & first east coast ISP

15. Joe McMillen, founder Complex Drive & lead developer first carrier grade VoIP gateway

16. Scott McNealy, co-founder SUN Microsystems

17. Bob Metcalfe, Professor, University of Texas & co-founder 3Com, inventor of Ethernet

18. Andrew Odlyzko, Professor, University of Minnesota

19. Ray Ozzie, creator of Lotus Notes & former CTO Microsoft

20. Jeff Pulver, cofounder, Vonage & Zula

21. Sandra Rivera, VP Data Center Group and GM Network Platforms (leads SDN/5G initiatives)

22. Michael Robertson, CEO, MP3.com

23. Les Vadasz, former EVP, Intel

Mike Montgomery is Executive Director at CALinnovates.

WannaCry or WannaFixIt? Time for Action on Data Security

By Tim Sparapani

As we’ve seen from the latest round of WannaCry ransomware attacks, no one is safe from these viruses that have locked up the data of more than 200,000 users in at least 150 countries. When desperate consumers and businesses are hit, they often end up paying to get access to their data, which puts a tangible price on their hassle and inconvenience and makes it clear that safeguards that block attacks are essential.

But we should never waste a good crisis. This attack presents a chance to redouble efforts to stomp out botnets, which take over people’s computers and spread viruses.

There is no legislative silver bullet for cybersecurity. The U.S. Senate can take concrete action by swiftly passing the Modernizing Government Technology Act, which the House passed in May. Federal agencies can begin implementing the president’s executive order on cybersecurity. And, we should codify the Vulnerabilities Equities Process. Yet if government officials pour time and money into “solutions” targeting outdated issues, the public may remain as ill-prepared for the next botnet or malware attack as the last. Clearer thinking by policymakers about cybercrime is critical for improving how consumers and businesses prepare for the next hit.

First, it’s necessary to broaden the scope of concern about the damage these attacks cause. For the last 20 years, online security discussions have focused solely on data breaches and identity theft. But, any introductory textbook on information security will tell you that it’s essential to focus on integrity and availability of the data as well. Before WannaCry, the Mirai botnet attack unleashed billions of phony requests to a few websites, shutting them, and the services that rely on them, down. These attacks show that hackers can use brute force to shut down government services, cripple businesses and hurt consumers. But making users’ data unavailable can do almost as much damage as stealing it. Future attacks that merely alter data — thus undermining faith in the accuracy of things like bank or personal health records — can have similarly devastating effects and cost billions in losses.

It’s a mistake to believe that we can protect the public if the culprits are tracked down and arrested. Cybercrime is lucrative, and the tools of the trade are increasingly sophisticated and readily available. Fewer than 1 percent of all cybercriminals are arrested because it is so hard for law enforcement agencies to find them. Most cybercriminals attack from countries that lack the laws and tools needed to convict them. New technological interventions will be necessary.

Now consider how cybercrime can change and evolve. Spam, for example, is a much smaller problem now than it was 10 years ago. That’s partially because a few of the worst spammers were arrested. It’s also because tech companies competed to come up with technologies to keep their customers’ inboxes free from offers from Nigerian princes or bogus online pharmacies. When companies compete over security, the public wins and crime decreases. Government policies that encourage this kind of innovation and competition would benefit consumers.

WannaCry also showed that more user education does not dramatically reduce the incidence of ransomware, data theft and other cyberattacks. Most people know that patching is important. But it’s still not being implemented at scale, partially because everyone has their own devices, and those devices are increasingly connected to the internet. Instead of relying on users to upgrade their security, the tech industry should automate patching to keep our computers, phones and Internet of Things devices protected.

Fixating on establishing industry standards for proper consumer and corporate “cyberhygiene” is a distraction that may slow down cybersecurity innovation. Standards — when agreement can be reached, which is rare — typically take many years to develop, and this results in internet users relying on outdated software and hardware. Flexible approaches like the National Institute of Standards and Technology cybersecurity framework that raise questions but don’t dictate specific solutions are better.

Fortunately, there are more and more powerful technologies that can help defeat problems like ransomware and botnet attacks — but we’ll have to adopt new thinking on cyberattacks if we are to put them to use. The most important technology is cloud-based services, which can be used for storing and encrypting data, for blocking cyberattacks and for providing applications ranging from social media to specialized business services. Too many people are still reluctant to move their data off their premises, and in some cases they are even prohibited by law from doing so. But, a two-person dental office cannot do a better job of protecting its data and networks than a cloud company with leading-edge technology and best-in-class engineers dedicated to ensuring their systems are secure.

Finally, tech companies can become a first line of defense, particularly if the U.S. government shares any software vulnerabilities it discovers. The president and Congress should work together to codify the Vulnerabilities Equities Process so that national security and law enforcement agencies can provide tech companies with the sort of insights that can help them close gaps before malicious actors exploit them. Our national economic security depends on this. We should enact legislation that favors disclosure of vulnerabilities to U.S. tech companies, and the recently introduced Protecting our Ability to Counter Hacking Act has helped start that conversation.

Artificial intelligence, machine learning and big data are other effective tools for preventing or responding to attacks. But these new solutions will not be adopted if governments and businesses don’t understand that much of the old thinking about cyberthreats and cybercrime has to be reconsidered in light of emerging threats.

Tim Sparapani is a data privacy law and policy expert serving as senior policy fellow with CALinnovates and principal at SPQR Strategies.

This piece was originally published on Morning Consult.

Page 1 of 1512345...10...Last »