Planet Ergo

Reading yesterday's Financial Times or rather, still reading the Financial Times issued yesterday since yesterday, my eyes fall on an article titled "Data out of the door" (page 13, by Peter Marsh and Jamil Anderlini, a.o.). The article is about industrial, economic, commercial espionage, a great concern to many advanced enterprises in the developed world, and how it impacts the industry (leaders) to lose "billions" worth of "intellectual property" (read: future, speculative patent licensing fee revenue and competitiveness).

Businesses are said to increase their efforts to protect their property against theft in an attempt to minimize the threat partly through elaborate information technology. Herein, I think, lays the culprit.

Then, I read Dieter Zetsche, chief executive of Daimler (the German automotive group) reportedly having said, expressing "no concern" about theft of his company's secrets - and I quote:

"We shouldn't waste our time trying to protect our intellectual property but try to be innovative and faster then the other guys."

A sigh of relief. To me, it shows at least some industry leaders understand that the fear of theft of proprietary information has two possible outcomes;

A business focuses on the protection thereof, and invests its resources in protecting against the inevitable. This, admittedly, seems to be feasible as a short-term, stop-gap solution. However, and call it Murphey if you will, air-tight security is virtually impossible -no pun intended. Somebody has access, and humans are humans, as shown in the affair of three top executives at Renault being sacked over allegedly having leaked information. Aside from incidents like the former, when somebody has or controls access to something, and if you can't circumvent the technology, put sufficient pressure on the person. On a more philosophical level, restricting access to information that may or may not be crucial to one's actions -you'd never know- in a post-Cablegate world is often considered conspiracy and conspiracies are unstable - not to bluntly say unsustainable.

As a result, businesses would have to further invest in the protection of their data for a very, very long time to come -indefinitely, one would hope. The results may include a decrease in user productivity, will most probably include further restriction of the user's freedoms, and possibly further boosts the implementation technologies of North-America based proprietary software companies that do have the level of technology integration required to achieve the desired goals, Free Software seems to be lacking up and until now.

Alternatively, a business can invest to continue to outsmart its competitors not by vigorously protecting its commercially valuable or relevant information from leaking, but instead increase innovations at such a pace espionage in whatever covert form or shape can no longer catch up sustainably. You gain some (fast-pace R&D), you lose some (the information that might leak).

The latter seems -just a tiny little bit- closer to the effects Free Software philosophy has with regards to a morally and ethically correct business model, focusing more on the innovation then on the protection of the outcome of such innovation. Still a long way to go, of course, as Free Software innovations usually are available to all, in all liberty, almost instantly -not to say without cost. I applaud Mr. Zetsche for his renewed insight.

Obviously, the former notwithstanding, a minimum level of information technology as well as physical security is required -even if and when incidents such as the temporary re-routing of Internet traffic through Chinese routers trigger the formation of a God-like authoritarian Internet oversight committee or worse. I am not arguing business information systems should become a Free-For-All, not at all. Please allow me to simply refer to common sense and best security practices available and implemented today (and tomorrow), where security essentially -certainly business-wise- is risk management.