We’ve written several times over the years about the deployment of Big Data. One of the key challenges with such tools is the seductive risk of treating the data as a catch-all answer to a question not asked. Zeitgeist in the past worked with a large client in the public sector that understood this pitfall and studiously avoided it by knowing beforehand what Big Data meant to them, and how it could be used to improve its strategy and operations.
Without such forethought, applications of Big Data can be ineffectual, if not outright harmful, as the president of eBay Marketplaces said last year in an interview with McKinsey. Governments around the world – particularly in the West – have been using Big Data for some time now to help identify extremists. The jury is still out for some as to how harmful government digital surveillance can be. The deliberate weakening of virtual systems has its root in the fact that the US government originally classified once-arcane cryptography as a munition, which when licensed abroad was watered down. “The idea of deliberately weakening cryptography in the name of national security has not gone away”, writes The Economist. An article published in The New Yorker earlier this year investigated the NSA’s uses of Big Data – specifically mass surveillance of individuals in the US and beyond over cellphone metadata, social media, etc. – and found it wanting. This appears to be partly because there is no pre-determined strategy for what they want the data to do, other than to figuratively chuck it onto the pile with the rest of the data they have, which at some point might be used. The efficacy of such a practice, according to the article, has been minimal. In all of its surveillance, the article claims there was but a single case “
“Patrick Skinner, a former C.I.A. case officer who works with the Soufan Group, a security company, told me… ‘We knew about these networks,’ he said, speaking of the Charlie Hebdo attacks. Mass surveillance, he continued, ‘gives a false sense of security. It sounds great when you say you’re monitoring every phone call in the United States. You can put that in a PowerPoint. But, actually, you have no idea what’s going on.’
By flooding the system with false positives, big-data approaches to counterterrorism might actually make it harder to identify real terrorists before they act. Two years before the Boston Marathon bombing, Tamerlan Tsarnaev, the older of the two brothers alleged to have committed the attack, was assessed by the city’s Joint Terrorism Task Force. They determined that he was not a threat. This was one of about a thousand assessments that the Boston J.T.T.F. conducted that year, a number that had nearly doubled in the previous two years, according to the Boston F.B.I. As of 2013, the Justice Department has trained nearly three hundred thousand law-enforcement officers in how to file ‘suspicious-activity reports.’ In 2010, a central database held about three thousand of these reports; by 2012 it had grown to almost twenty-eight thousand. ‘The bigger haystack makes it harder to find the needle,’ Sensenbrenner told me. Thomas Drake, a former N.S.A. executive and whistle-blower who has become one of the agency’s most vocal critics, told me, ‘If you target everything, there’s no target.’“
This last quotation applies to strategy in general. Without anything specific to focus on as a strategic achievement or direction, one shouldn’t expect any improvement in that area.
Late last month, Zeitgeist went with friends to his local theatre to see “Teh [sic] Internet is a Serious Business”. The play, a story of the founding of the hacktivist group Anonymous, was the most well-publicised dawn of cyberattacks on businesses and governments. The organisation, at its best, set it sights on radical groups that promoted marginalisation of others, whether that was the Church of Scientology in the US or those trying to dampen the Arab Spring in Tunisia. This collective, run by people, some of whom were still in school, showed the world how vulnerable institutions were to being targeted online. We wrote about cybersecurity as recently as this summer, summarising the key points in a recent report from The Economist on what was needed to mitigate against future attacks and how to reduce the damage such attacks inflict. The issue is not going away (and in fact is likely to become worse before it gets better).
It was back in January that management consultancy McKinsey produced a report, ‘Risk and responsibility in a hyperconnected world: Implications for enterprises’, where they estimated the total aggregate impact of cyberattacks at $3 trillion. There is much to be done to avert such losses, but the current picture is far from rosy. Most tech executives gave their institutions “low scores in making the required changes”, the report states; nearly 80% of them said they cannot keep up with attackers’ – be they nation-states or individuals – increasing sophistication. Moreover, though more money is being directed at this area, “larger expenditures have not translated into an increased maturity” yet. And while the attacks themselves carry potentially devastating economic impact on a company, their prevention comes at a price too for the business, beyond the financial. McKinsey reports that security concerns are delaying mobile functionality in enterprises by an average of six months. If attacks continue, the consultancy posits this could result in “a world where a ‘cyberbacklash’ decelerates digitization [sic]”. Revelations about pervasive cyberspying by Western governments on their own citizens could well be a catalyst to this. Seven points are made in the report for enterprises to manage disruptions better:
- Prioritise the greatest business risks to defend and invest in.
- Provide a differentiated approach to defence of assets, based on their importance.
- Move from “simply bolting on security to training their entire staff to incorporate it from day one into technology projects”.
- Be proactive; develop capabilities “to aggregate relevant information” to attune defence systems
- Test. Test. Test again.
- Enlist CxOs to help them understand the value in protection.
- Integrate risk of attack with other corporate risk analysis
Given the amount of business and social issues that involve digital processes – “IP, regulatory compliance, privacy, customer experience, product development, business continuity, legal jurisdiction” – there is a huge amount of disagreement about how much state involvement there should be in the degree to which enterprises must take steps to protect themselves. This is an important point for discussion though, and we touched on it when we wrote about cyberattacks previously.
But that report was way back in January, things must have solved themselves since then, right? Last week, PwC reported that corporate cyber security budgets are being slashed, even while cyberattacks are becoming far more frequent. The FT reported that global security budgets fell 4% YoY in 2014, while the number of reported security incidents increased 48%. Bear in mind these are only reported incidents. This is potentially no bad thing, if we’re to go by McKinsey’s diagnosis of too much money being thrown at the problem in the first place. At the same time, it’s not exactly comforting.
Only a few days after PwC’s figures were published, JP Morgan revealed that personal data for 76 million households – about two-thirds of total US households – had been “compromised” by a cyberattack that had happened earlier in the year. Information stolen included names, phone numbers and email addresses of customers. It was also revealed that other financial institutions were probed too. Worryingly, the WSJ reports that investigators disagree on what exactly the hackers did. It was also unclear who was to blame; nation state or individual. Such disagreements over the ramifications of the attack, the identity of the attackers as well as the delayed revelation of the attack itself, illustrate just how necessary transparency is, if such attacks are to be better protected against and managed in the future.
For those in London at the end of the month, The Economist is hosting an event for those who apply, on October 21, examining “how businesses can and should respond to a data breach, whether it stem from a malicious insider, an external threat or simple carelessness”. Hope to see you there.
A recent essay for Foreign Affairs, “The State of the State”, criticises Western governments for failing to innovate. The authors make an unfavourable comparison with China, which, though still autocratic in nature, has at least looked abroad for ways to make the state work better (if only in a necessarily limited scope). One doesn’t need to look much farther than France to see what happens when the state fails to innovate. President Hollande has done his very best to inculcate a backward ideology of indolence among its workers, but the negative effects of over-regulation have been present in France for some time. One major step that is in drastic need of undertaking is the simplification of France’s opaque labour laws, the code for which runs to 3,492 pages, according to a recent article in The Economist. A stark and laughable example of the limits of such a code is elaborated on below,
“[The code] impose[s] rules when a firm grows beyond a certain limit: at 50 employees, for example, it must create a works council and a separate health committee, with wide-ranging consultative rights. So France has over twice as many firms with 49 staff as with 50.”
France of course also has a strong sense of state oversight and sponsorship when it comes to the media industry. L’exception culturelle has long dominated discourse about what content is appropriate and designated to be high art. Such safeguarding of domestic product has been a thorn in the side of late of the EU / US trade partnership, threatening to derail negotiations. Some have argued that such promotion of homemade productions serves not to diminish foreign imports – a love of Americana has not subsided in France – but rather only to preserve a niche. Regardless, argues a recent editorial in one of France’s national newspapers, it has left the country’s media sector susceptible to disruption.
Today’s Le Monde newspaper features a front page editorial on the arrival Monday to the country of Netflix. The company announced its plans for European expansion at the beginning of the year. It won’t have everything its own way, though. Netflix will have to adapt to a very different market environment. The Subscription Video On Demand (SVOD) market is well-established, and it will see much competition from incumbents (last year annual revenues for companies based in France providing such services exceeded EUR10m). These incumbents charge little or nothing for their services, relative to the $70-80 a month Americans pay to a cable company to watch television, according to The Economist, which states “Netflix struggled in Brazil, for example, against competition from local broadcasters’ big-budget soaps”. Moreover, current government policy dictates a 36-month long window from cinema release to SVOD. We’ve argued against the arbitrariness of such windows before, for a variety of reasons, but here such policy surely negatively impacts Netflix’s projected revenues. Such projections will be curbed further by stringent taxes and a further dictat that SVOD services based in France with annual earnings of more than EUR10m are required to hand over 15% of their revenues to the European film industry and 12% to domestic filmmakers, according to France24. As well as traditional competition, Netflix also faces threats from OTT rivals, such as FilmoTV. One possible way around such competitor obstacles is the promotion of itself as a complementary service. The New York Times earlier this spring elaborated,
“Analysts say Netflix, which has primarily focused on older content more than on recent releases, could also survive in parallel to European rivals that have invested heavily in new movies and television shows. Netflix in some ways serves as a living archive, with TV shows like “Buffy the Vampire Slayer” from the 1990s or movies like “Back to the Future” from 1985. Such fare has enabled the company in Britain, for example, to partner with the cable television operator Virgin Media, which offers new customers a six-month free subscription to Netflix when they sign up for a cable package.”
Such archive content will come in handy, particularly given that, as Le Monde points out, Netflix had previously sold the rights to its flagship series ‘House of Cards’ to premium broadcaster Canal Plus’ SVOD service Canal Play (which itself is investing in new content). The article hesitates to guess how much of a success the service will be in France – something Citi has no problem in doing, see chart below – instead looking to the music industry for an analogy, where streaming has become a dominant form of engaging with the medium. As in other markets, streaming services have met with increasing success, particularly with younger generations. For Le Monde, the arrival of Netflix will undoubtedly ruffle a few feathers, but the paper also hopes it will blow away the cobwebs of an industry that has become comfortable in its ways; it hopes the company will provide a piqûre de rappel (shot in the arm) for the culture industry. Netflix’s ingredients – by no means impossible to emulate – of tech innovation, easy access and pricing and a rich catalogue, should be a lesson to its peers. The editorial only laments that it took an American company to arrive on French shores for businesses to get the message.
UPDATE (16/9/14): TelecomTV reported this morning that Netflix has partnered with French telco Bouygues. The company will offer service subscriptions “through its Bbox Sensation from November and via its future Android box service. Rival operators are refusing to host Netflix on their products”.
It’s not quite as cool as Bond in his Tom Ford suit leaning on his wonderful Aston Martin while he plots his next move to unseat some despot. All the same, Germany’s recent apparent spate of typewriter purchases points to a renewed sense of fear of being overheard and compromised in an era of digitally pervasive content, vulnerable networks and indelible conversations. Spying and intelligence concerns coalesced with subject matter we’ve previously written about – including online privacy, governance, security and the internet of things – in a special report in last week’s The Economist, which produced eight articles on the subject of security in a digital landscape. Some highlights:
- Cybercrime is costly. The Centre for Strategic and International Studies estimates the annual global cost of digital crime and intellectual-property theft at $445 billion – a sum “roughly equivalent to the GDP of a smallish rich European country such as Austria”.
- Focus on prevention rather than reaction. As with many things, the best way to make sure cyberattacks aren’t too damaging to your business is to make sure they never happen in the first place. It’s more difficult (and costly) with digital security because the process can easily feel like a Sisyphean struggle; businesses invest in new technology only to see it circumvented by more hacking, perhaps exposing a different loophole or vulnerability. But an iterative approach is better than leaving the door open and spending more money after the fact.
- Honesty is the best policy. After being hacked, a company can find it hard to admit it. This is understandable. Not only is it somewhat embarassing, it admits to customers and shareholders that the company is vulnerable, but it also suggests that their data is not safe with said company; perhaps they should shop elsewhere. However, transparency in such a situation is paramount if others are to learn how to combat such attacks. One suggestion is that the US government “create a cyber-equivalent of the National Transportation Safety Board, which investigates serious accidents and shares information about them”.
- Who to complain to? The perpetrators of cybercrimes are no longer limited to the teenaged hackers of yesteryear. Though ideological groups like Anonymous serve as a disruptive influence, often the biggest problems are caused by the governments charged with protecting things like individual privacy, security and freedom of speech. From the US to China, authorities “do not hesitate to use the web for their own purposes, be it by exploiting vulnerabilities in software or launching cyber-weapons such as Stuxnet, without worrying too much about the collateral damage done to companies and individuals”.
- External trends point to a worsening of the problem. The Internet of Things as a trend will have billions of devices connected to each other via the Internet over the next few years. With one of the fundamental ideas being that the user isn’t really aware of the connection, the likelihood of spotting a hacked device becomes all the smaller. This isn’t a huge problem in cases like a connected fridge receiving spam email, but it becomes more of a problem when hackers can gain remote control of your car. One of the barriers to improved security for everyday devices is that the margins are razor-thin, as are the chips to connected to the devices, in order to keep the product small. Any added security software or hardware and the cost and size of the product increases.
Zeitgeist believe the risk to IoT devices will be one of the key areas that businesses and regulators will need to focus their efforts in the future. Because it is still a relatively fledgling sector, the issue is not being discussed yet in many places. Deloitte, in association with the Wall Street Journal, recently reported on the nature of cyberrisks and how companies can help mitigate them. Well worth a read.
First aired on PBS in 1985, filmmaker Ken Burns’ documentary on the Statue of Liberty was on Zeitgeist’s TiVo watch list this weekend. It’s really quite staggering to note how issues being discussed then are even more relevant three decades on.
It goes back to an article we wrote recently on the US government’s more legitimate efforts to collect data. These myriad agencies are working so fast to see whether it’s possible to collect this or that piece of data on someone, they are not stopping to think whether they should, and what the long-term implications are. By long-term, we mean what such a “Faustian bargain” means for the civil rights of citizens – particularly of course in the relation of the right to privacy – and what such machinations do to the long-term standing of the country as a whole – particularly from the outside looking in.
“Spying in a democracy depends for its legitimacy on informed consent, not blind trust”, wrote The Economist in this week’s lead article. Not so anymore, seemingly. The recent revelations that the NSA have been collecting masses of data from Facebook, Twitter, Google et al., with little thought for due process and with a focus on communications outside the US, and that at least one telco, Verizon, was ordered to provide significant amounts of user data to the government, is disconcerting to say the least. Zeitgeist wrote a letter, recently published in the Financial Times, before this story broke, that attempted to convey that the true worry for those opposed to such overreach is the high possibility of neglect or abuse, rather than intentional Machiavellian manipulation. Government ineptitude is more likely, and far more dangerous. Clarity and transparency are the enemies of such ineptitude.
As former New York governor Mario Cuomo admits in the clip at the beginning of this post, it can be very tempting to squash a little liberty here and there in return for added security. The situation, which arises at a time when the US is supposed to be taking China to task over its own extensive cyber-espionage (see above graphic), where we are, as one CNBC commentator described recently “hacking ourselves”, must give us pause, and begs us to re-examine what our notions of liberty are in an age of digital disruption.
We all know that catching cancer early can improve our chances of survival. For some charities, such as Coppafeel, the primary aim is to encourage people to know their body and get checked out as soon as they suspect there may be something wrong. Yet our inherent behaviour means we often put off seeing our doctor.
The reasons for stalling are varied, from wanting to ignore reality, a dislike of doctors and hospitals to simply putting it off until tomorrow.
One of the barriers is that you can’t get to see a doctor immediately. You have to book an appointment and then organise your life around it.
All of which makes the Get to Know Cancer pop-up clinic initiative in the Centrale Shopping Centre in Croydon such a great idea. Shoppers can pop in and ask questions to specialists and nurses from the Royal Marsden and Cancer Research UK (for whom Zeitgeist recently did a half marathon – sponsorships still kindly accepted).
Why we like it
It’s obvious to anyone strolling through a UK town that the economic downturn has lead to a depressing number of empty properties along the high street.
The most recent high profile closure was JJB Sports who went into administration last week with the loss of thousands of jobs. The retailer followed a number of famous names, including Clinton Cards, Blacks, Peacocks and Game to either disappear or be sold off to new owners.
For some, the traditional high street is beyond salvation.
He believes that repeated failures by government, online shopping and the recession have created a perfect storm and lambasted the review of sector by the retail expert Mary Portas as “all a waste of money and resources”.
As for cancer, the consequences of this terrible disease are known to us all, lives taken and lives destroyed.
Saving lives and money
Recognising our natural inertia and the need to get illnesses diagnosed as soon as possible the shop interrupts people and overcomes many barriers. And like all great ideas, it’s simple. Now that it exists, it’s strange to think that it has taken so long for such an idea to be implemented.
Aside from the human cost, cancer costs the state around £11bn a year. So quite apart from the emotional benefit of saving lives, the clinic could save us all money.
Bill Grimsey might be right. The traditional high street may well be gone forever. If it has, our challenge is to find new ways to use the empty spaces left by defunct retailers.
Let’s hope that the Croydon trial is a success and the start of the renaissance.
Dost thou know what reputation is?
I ’ll tell thee,—to small purpose, since the instruction
Comes now too late.
Upon a time Reputation, Love, and Death,
Would travel o’er the world; and it was concluded
That they should part, and take three several ways.
Death told them, they should find him in great battles,
Or cities plagu’d with plagues: Love gives them counsel
To inquire for him ’mongst unambitious shepherds,
Where dowries were not talk’d of, and sometimes
’Mongst quiet kindred that had nothing left
By their dead parents: “Stay,’ quoth Reputation,
‘Do not forsake me; for it is my nature,
If once I part from any man I meet,
I am never found again.’
– Duchess of Malfi, III, ii
Zeitgeist went to see Duchess of Malfi at the Old Vic last month, a brilliant production, and was reminded of this fantastic quotation when thinking of the upcoming Olympic Games soon to descend on London. Though arguably less ephemeral than the brand of today’s salubrious celebrities – written about recently in Vanity Fair – the Games can hardly be said to provide any quantifiable burgeoning of brand to host countries of the past (except perhaps for Barcelona). As The Economist adroitly put it the other week, “When asked why the United States is a fine place, few would instinctively mention its hosting of the 1996 Olympics in Atlanta.”
Are Britain’s current economic woes related to anything that might be solved by hosting an Olympics? Probably not. Will the Games, much like the bloody affairs of ancient Rome, serve to please and distract the hordes? More likely. The Games themselves will have to be good enough to overcome the pre-event controversies of massive over-spending, Zil lanes, anti-missile protests and Olympic torches on eBay. Otherwise, as the above quotation describes, the reputation of many will be lost forever.