Posts Tagged ‘Google’
“I want to find a way to work within the Chinese system…”
The quote is from Google’s Sergey Brin – and the (admittedly dated) link is here. The back-tracking begs a better PR strategy:
Mr. Brin said he didn’t think the question of whether the Chinese government was behind the intrusions was significant because the government is made up of so many people. “If there were a Chinese agent, it might represent a fragment of policy,” he said.
Right. What exactly is Google’s algorithm for this? The significance of the question of government sponsorship of cyber-espionage is the inverse of the size of the government potentially involved?
By this logic, an intrusion sponsored by my local city government = significant question for Google.
Iran@gmail.com = FAIL
Seen around the Twitterverse (HT for Evgeny Morozov’s RT @csoghoian):
How do I sign up for the Iranian Govt’s new free email service? At least they’re not in bed with the NSA.
As reported just about everywhere, the Iranian government announced it’s banning Gmail, a day before the anniversary of the Iranian revolution and the street protests anticipated to mark said anniversary. Access to the service may have been blocked already, after a cable cut last week already diminished traffic. There’s a technical point here that only Wired seems to have picked up: Gmail uses encryption by default, which makes it more of a challenge to government surveillance than comparable online providers. And – per the tweet above – one can’t help but wonder if recent news about Google’s relationship with the NSA didn’t play a role, given the role of Twitter in last summer’s protests and the encouragement given Twitter by the State Department.
I wonder, though, if this isn’t more of a means of legal cover for the arrest of opposition protestors – will holding a Gmail account (which, if the service is blocked, can’t be deleted) be used as a chargeable offense by the authorities?
Google will stay in China – in the mobile market
IDG News Service (see the article at PCWorld) is reporting that both Microsoft and Google have cut deals with a Taiwanese chipset vendor that supports handset makers in China – with a hardware/software package to be released for Google’s Android mobile OS later in 2010.
There’s an angle here that’s been overlooked in the market share comparisons between Google and Baidu that were highlighted after Google’s decision last month. While Baidu has a clear lead over Google in the search market, the mobile search market is more competitive – with Digital East Asia putting each company’s market share at 26% apiece. Google’s also tied to China’s primary mobile carrier (China Mobile), while Baidu’s is partnered with the number-two provider. (Even more interesting – if tangential – Baidu’s CTO moved to become CEO of an information-services subsidiary of China Mobile a few weeks ago – a week after Baidu suffered a service outage that could be related to hacking activity out of Iran).
If you assume that the mobile market is where the real growth opportunity lies – for Google and others – it seems hard to believe that Google’s going to stay out of China. The chipset deal just suggests that where they’ll be “in” is different from where they were before.
Google and the NSA
The Washington Post tells half the story, I think, here. There’s a comment in the WaPo story that says that the goal of partnership is to “build a better defense of Google’s networks.” But I’d guess there’s compelling self-interest for the government in learning about the exploited vulnerabilities themselves. In 2008, the San Francisco Chronicle pointed out a $2M+ deal between Google and the NSA for four search appliances and support, and called Google equipment “the backbone of Intellipedia,” a Wikipedia-like network for intelligence agencies.
Jack Goldsmith on the cyber arms race
Today’s Washington Post contains an editorial from Jack Goldsmith, head of the U.S. Justice Department’s Office of Legal Counsel for several months in 2003-2004. It’s a striking piece, arguing that cyber-norms can’t come about until the U.S. discloses or curbs its offensive cyber-activities.
Beneath the text seems to be a concern that animates Goldsmith’s book about his time in the OLC, “The Terror Presidency.” While sympathetic to the Bush Administration, Goldsmith’s time in the OLC saw him concerned with the legal cover that a potentially limitless war gave to executive seizure of power by fiat, rather than via “softer measures.” To quote from his article on the Obama Administration’s counterterrorism strategy: “Packaging, argumentation, symbol, and rhetoric, it turns out, are vitally important to the legitimacy of terrorism policies.” One can’t help but wonder whether some of the same concerns around power aren’t evident here.
More recently, Goldsmith co-authored a book which attempts to dismantle claims that the Internet will undermine government power, among other things. But doesn’t the current Google-China dispute show that that the question of norms actually isn’t being actively pursued by governments, but by non-governmental actors? Goldsmith highlights a possible hypocrisy in Secretary of State Clinton’s call for “norms of behavior among states.” But he neglects to note that this speech was prompted – or at least pre-empted – by actions taken by Google.
Certainly, patterns of similar cyberattacks had occurred previously, without a clear response on the part of the U.S. government (which has, as Goldsmith notes, provided tacit support for “hacktivism” in other circumstances). The vacuum of government action to promote norms may well lead to a situation in which norms originate from the private sector – either consciously, or through business decisions created by an environment of cyber-insecurity. To answer the question posed by the title of Goldsmith’s book, “Who Controls the Internet?” … well, I’m still not sure.
Weekend Wrap-Up: Tech startups in China, “smart dust”, the elephant at Davos, and more…
1. Courtesy of TechCrunch, a American tech entrepreneur in China writes blithely about how startups work within the system, most Chinese netizens “don’t care that much about what’s going on outside of China,” and the virtue of political stability.
2. Here come micro-sensors. Wait a minute, they’re called cell phones.
3. Things you don’t talk about at Davos (hint: it involves a search engine and the world’s most populous country).
4. Will the China-Google situation hurt Microsoft’s share of the browser market?
Perspective, Part II – Rethinking Google and China
The Net has enough commentary on the situation between Google and China, with the bulk of it focusing on whether this really amounts to Google walking the “don’t be evil” talk.
Over at The Atlantic, though, there’s a remarkable (and widely disseminated) post by Marc Ambinder that includes the following –
In the absence of an international treaty defining what cyber sovereignty consists of, it is hard to figure out the boundaries, much less police them effectively.
The geopolitics of cyber power suggests that centrally directed government espionage is…tolerated by U.S. officials.
…and…
There is no fear among U.S. officials that China would ever mount a crippling cyber attack against U.S. infrastructure, even though they have mapped our electrical grid and probably left behind some malware that could be triggerable at a later date. (For what it’s worth, the U.S. has also mapped China’s electrical grid.)
The entire post is remarkable, but these three sentences point to the international norms that have developed organically around the use of cyberspace to project power. Ambinder’s post is yet more confirmation that every day, no matter what governments or companies deny, information networks are subject to “attacks” – read unauthorized penetration and potential tampering – at a volume which is only hinted at, but is presumed to be stunning, and likely originates with governments as well as criminals. This happens largely out of sight, except for those directly involved – and it’s difficult to resist parallels with military activities in Afghanistan and elsewhere. We have come to accept, as a new norm, the unauthorized reconnaissance of networks that (presumably, but not always) exist within national boundaries – much as the international community already accepts, with a few glaring exceptions, that states will attempt to maintain surveillance of other states’ activities, without authorization.
The analogy doesn’t hold, though. Surveillance conducted in the physical world still presumes that sovereignty remains respected – and there are still several steps of tension between surveillance that a state perceives as “crossing the line” and outright conflict. If reconnaissance in an information network is accompanied by tampering – see Ambinder’s reference to malware that “could be triggerable,” above – the distance between reconnaissance and conflict is much, much shorter. If you accept the feasibility of the “Digital Pearl Harbor” threat (and I don’t), wouldn’t the placement of “triggerable malware” be the equivalent of finding, say, explosives rigged for remote detonation outside key infrastructure? Should there be a pattern of norms in cyberspace that is fundamentally different for that governing states’ behavior in the physical world?
Ambinder’s post hints that the pattern is actually closer to a MAD relationship (see the third quote above, emphasis on the for what it’s worth part), as existed between the U.S. and Soviet nuclear arsenals – with the implicit assumption being that this represents a sort of stability. I’m not sure that holds. What made MAD work was transparency – the impossibility of the surprise “first-strike” that negated the “mutual” part of MAD. That transparency is completely lacking when it comes to the use of power in cyberspace. There is near-zero attribution (officially, anyway) of activities, of tracing cyberwar back to identifiable cyberwarriors. There is a level of secrecy afforded to the cyber-environment that I’d wager tempts states to take more risks, producing greater instability over time.
Back to Google and China. Where this represents a landmark – or where it doesn’t – is in the transparency Google brought to the situation that developed. Fundamentally, Google’s decision challenges the international norm that has allowed activities like China’s to continue and proliferate across global networks. The proposition that Google’s decision implies is that if international actors are to interact on the global internet, a set of acceptable behaviors to govern their interactions must be defined through practice. Google’s decision in effect implies that current practice is unacceptable.
And it may be the case that only a non-state actor like Google, one not vested in questions of international power, could do this. Whether this challenge gains momentum – or whether we give up on the idea of a global internet altogether – remains to be seen.
China and Google’s long-term strategy
There’s already been a torrent of commentary on Google’s policy decision with respect to Google.cn – with some of the clearest found in posts by Ethan Zuckerman, Evgeny Morozov, and Jonathan Zittrain, among others. The debate and points of interpretation mostly deal with Google’s potential motives. A purely cynical play or an attempt to live up to corporate values, maybe with some cost/benefit analysis of censorship technologies thrown in?
As a manager responsible for some measure of business strategy, I’m going to wager that Google’s decision is not that different from most business decisions (albeit one informed by better data). Define the problem, assess root causes, outline the risks and rewards of solution alternatives – and when you’re 80% confident in your decision, execute. You have to believe that the internal meetings that preceded this move made reference to Google’s core values at one point, at least. It’s a rare successful company that makes a critical strategy decision without asking is this really who we are? Purely cynical moves of this magnitude require a lot of purely cynical people, having the same discussion in the same conference room – as well as a level of clarity into consequences that is rare for most business decisions.
At the same time, it’s hard to see this as a deliberately planned triumph of values, as others have implied. Google had an immediate business problem: a security incident and theft of IP that challenged the “feasibility of its business operations [in China].” Consider this from the point of view of those operations (and for data here I’m going to rely in part on a new report by the search marketing firm Reform Digital) –
1. Google has a much smaller (~20-25%) market share in China than market leader Baidu (~64-76%) . While the near-term trend is unclear, the numbers haven’t moved much since 2007 – except for Baidu (for an alternative view on the last six months, look here).
2. The market may be splitting between a more educated and affluent segment (Google.cn) and the rest, including continued high volumes of new users (Baidu)…with what are probably better margins to Google.
3. Google’s ability to grow beyond search (remember, the business objective is about “improving access to information,” not just search) could be limited. Baidu runs the third-largest social networking site (after two other Chinese sites), and I’d guess there’s some questions around Google’s potential in the mobile (where Symbian is apparently dominant) market and browser market (where Google may or may not have a share in the second-most popular browser behind IE). This matters, of course, when you’re envisioning displacing the Microsoft model with Chrome’s browser-based OS and web-based applications.
This last point, I think, is where the question of corporate values comes in. You have a smaller but profitable market in which you’ve developed a compromise between the regulators’ objectives (censorship) and your business objective (improving access to information to deliver value to customers). You have an incident (security breach, IP theft) that threatens your ability to provide continued value to your core customers. You look at your longer-term strategy and question whether the compromise you adopted can really work with your plans for growth into adjacent markets – not just customer markets, but markets in different technologies. And here’s the critical point: you can’t disaggregate the question of values from strategy, because if Google decides to, well, acquiesce at this point, it fundamentally changes what Google.cn becomes over the next few years. Changing strategy in any significant way – whether internally or due to external pressure – changes how customers perceive your brand, with implications for both revenue as well as who you become as a company. If you’ve lived through this in a business, it’s easier to understand than articulate.
Thinking more broadly, another reason to consider this in light of Google’s long-term strategy is because Google’s long-term strategy does lay out a future for end-user computing writ large, starting with the Chrome OS as an alternative to the Microsoft and Apple models. Consider a 2015 scenario in which Google has departed China, but Chrome, Android, and Google Apps have reshaped personal and even corporate computing models for the average North American user – a scenario that might be realizable (see for instance, comment from GM’s CIO on the enterprise readiness of Google Apps). Does personal computing in China evolve along a parallel track led by different companies, or start to move in a different direction, with consequences not seen for another five or ten years? A bit of a stretch, perhaps, considering that data is data…but I think the historical evidence does suggest that national approaches to computing can diverge significantly, with the most important consequences not understood until much later.
Google and Microsoft in Uganda
Google has launched “Google Trader” as part of its new SMS offering in Uganda – a service to facilitate marketplace transactions, particularly in agriculture.
Not surprisingly, a quick scan of Microsoft’s efforts in Africa reveals a slightly different focus – refurbishment and provisioning of PCs (particularly in Uganda), training for the government sector, work with international institutions like the UNHCR.
One can’t help but notice the superficial but potentially telling differences, and ask whether they’re reflective of the larger Google v. Microsoft story, which itself reflects deeper questions about the evolution of the IT. A scan of Google’s blog surfaces several references to volunteer efforts, to training local developers, to initiatives that embed in the daily cultural and economic milieu. Microsoft’s stories seem…well, larger (e.g., a new software package for an country’s educational sector), institutional, more “traditional” in terms of both technology and aid. There’s no dispute over the good, even the necessity of both approaches. But one can’t help but wonder if their evolution will tell a larger story about how the world will compute in the next fifty years.
Pakistan upgrades targeting from Google Earth
From yesterday’s NY Times: Pakistan improves precision targeting by moving from Google Earth to more precise image sources. Which means Google Earth is a fairly sophisticated fallback option if these new image sources fail.
Radical Instrument 