This op-ed was originally published in Fast Company.
By Adam Golodner
Leaders of companies today need to pay attention to geopolitical, legislative, and regulatory issues. The advancement of technology is stressing governments out, and sometimes the reaction is counterproductive and the impact unintended. CEOs, CFOs, CTOs, and GCs must work together, understand the playing field, and weigh in to shape the policy path forward, as current policy decisions are shaping—sometimes not for the good—the technology and market ecosystem right now. A current example of this is the global intersection of technology, competition policy, and trusted networks and data.
A LACK OF DIGITAL TRUST, SECURITY, AND PRIVACY
In May, the heads of state of the leading global economies met in Hiroshima, Japan, for the annual G7 meeting. There was a lot on the agenda—the global economy, China, Ukraine, clean energy, trustworthy AI—and importantly, digital issues, where the leaders agreed that they would “seek to increase trust across the digital ecosystem” and recognized “the importance of secure and resilient digital infrastructure as the foundation of society and the economy.”
Rightly, in this age of technology acceleration, geopolitical inflection, and cyberspace contest, increasing digital trust, security, and privacy is an initiative top-level leaders want to drive. That overarching agreement should now be implemented by their respective governments, but recent history has shown policymakers at other levels of government have too often been going in the opposite direction.
I have been concerned about the lack of digital trust leading to the balkanization of global technology networks for over a decade. After attending the Munich Security Conference this year, I wrote about the growing risk of trifurcation of global networks (U.S./China/E.U.) given recent European Union policies which would have the unintended consequence of undermining trust, security, and privacy in networks and data in the E.U.
For example, the EU Digital Markets Act seeks to restructure technology marketplaces under the banner of “competition.” Among other provisions, it would force makers of mobile devices to allow millions of apps, unvetted by the official app store, onto devices and give those apps access to device hardware, software, and data. The unintended consequences of “opening up the box” will be introducing vulnerabilities, expanding the attack surface, making life easier for maligned actors, and undermining the security and privacy of consumer, enterprise, and government networks and data across the EU. These are serious unintended consequences.
AN OPPORTUNITY TO GET THINGS RIGHT
The DMA is a case where policymakers did not apply a technology-based trust screen or national security screen before passing the proposal, and simply hoped security could be OK. The U.S. has rejected DMA-like proposals, and hopefully, the EU will remedy these critical security and privacy issues in the implementation of the DMA. Given other proposals around the world, applying the right trust screen upfront is lesson corporate leaders can drive home today. The agenda set by the April G7 Digital and Tech Ministers’ meeting in the run-up to the Leaders meeting gives us an opportunity to get it right.
The G7 Digital and Tech Ministers’ Declaration addressed both security and competition issues. Regarding security, the Ministers recognized the critical importance of enhancing security and digital resiliency, and highlighted “the importance of designing, developing, and deploying well-secured apps and software and responding to vulnerabilities appropriately…” These are must-dos, and given the cyber reality of today, corporate leaders can and must help drive this result.
Regarding competition, the Ministers indicated they intend to share experiences on competition and digital markets, and convene a summit in the fall of 2023 to discuss these issues. Given the recent DMA experience where competition policymaking had the unintended consequence of undermining security, privacy, and trust in networks and data across Europe, the upcoming digital competition summit is a place company leaders can weigh in and set a better course forward.
IT’S TIME TO INCLUDE CORPORATE LEADERS
The digital competition summit should be expanded to include corporate leaders and national security agencies from the G7 countries. As the unintended security consequences of the DMA show, efforts under the banner of competition have spillover effects that can undermine core nation-state responsibilities for the security and resiliency of consumer, critical infrastructure, military, and intelligence networks and data. These effects run directly counter to the agenda set by the G7 Heads of State. Those attending the digital competition summit should become educated on the prime and intense geopolitical, cyber, and technology issue set, and focus on discussing paths forward that do not undermine the security of networks and data across the infrastructure.
There are DMA-like proposals under the banner of competition in multiple countries, including Australia, Brazil, Canada, India, Japan, Turkey, and the U.K., all of which could have the unintended consequence of introducing vulnerabilities into digital networks. Each of these countries should immediately bring in corporate leaders and the national security agencies of their country to review the security impact of their proposals.
Avoiding the DMA unintended consequence of undermining network and data security has to be a primary job of any policymaker considering a DMA-like proposal. Corporate leaders and national security officials must join the conversation now. From a national security perspective enhancing security, as the G7 Leaders said, is a top national priority. From an antitrust perspective, companies enhancing security and privacy in their products and services today are actually bringing pro-competitive benefits to users—benefits that policymakers should not undermine under the banner of new approaches to competition policy.
Understanding and engaging in this current discussion should be part of the 2023 strategy for CEOs, CFOs, CTOs, and GCs of all companies. The global digital infrastructure is in the dock, and the ecosystem you are a part of is in the vortex. Global policymakers are engaging in writing the rules for the intersection of security, technology, and competition—and so should you. In today’s world, we all need to do everything we can to drive trust and security into the global digital infrastructure.
Adam Golodner is the Founder and CEO of Vortex Strategic Consulting and the Co-Chair of Trusted Future.