Lens four: Expanding impact of hostile tech
‘Hostile’ technology is commonly associated with criminal activity such as ransomware, breaking into a system to steal data or creating computer viruses — but this misses the complete picture. The landscape is evolving in a way that the definition of hostile tech should be broadened to include legal, even widely accepted, acts that ultimately threaten societal well-being.
Through the Looking Glass
As technology grows more complex, the ways in which it can be misused rise. And as people rely more on technology in daily activities, they are increasingly subjected to unintended — even hostile — consequences. Add in a high level of automation — making decisions at machine speed — and the possibility for things to go wrong rapidly escalates.
‘Hostile’ tech by our definition can encompass not just criminal tech such as malware and hacking tools but also use cases like advertising and customer targeting. Whether technology is hostile can be a matter of perspective. Some people don’t find internet ads, tracking cookies or social media influencing campaigns intrusive and are happy to trade their data for what they perceive as personalized offers or special value. Others install ad blocking software in their browsers and eschew Facebook completely. Consenting to track or the collection of personal data is for some basically automatic; for others, a carefully considered choice. That said, many people are oblivious to the fact that they have a choice in the first place, due to varying levels of access to and experience with technologies among different social and demographic groups, as well as discrepancies in the way information and options around consent are presented.
Not all hostile behavior is malicious or intended. One example is bias in algorithms or machine learning systems. These may exhibit ‘hostile’ tendencies towards certain customer groups without having been compromised or deliberately designed that way, because of unplanned and unnoticed distortions in the way they were constructed or developed.
- The increasing ubiquity of technology and concurrent expansion of the potential threat surface. One simple example is the sheer number of connections: Frost & Sullivan predicts the number of active Internet of Things (IoT) devices will top 65 billion globally by 2026. Each of these comes with potential security breaches that could be exploited
- Evolving consumer sentiment and behavior toward ad and marketing tech and increasing bifurcation between those who accept broad uses of their data and those who are more concerned about privacy
- Rising anxiety about the use and impact of social media in misinformation campaigns and how social media channels are shaping health, political and other societal debates
- Unintended consequences from the increased use of artificial intelligence (AI) and machine learning, such as bias in algorithms and in data sets collected. Concerns about hostile impacts are prompting attempts to control the use of AI in processes like hiring
- Increased regulation around data collection, retention and use, such as China’s new Personal Information Protection Law, the European General Data Protection Regulation (GDPR) the California Privacy Rights Act (CPRA) and equivalents in other jurisdictions
With data breaches approaching record levels, protection against deliberate hacking and malware is increasingly important. Companies must invest in defending a wider range of touchpoints against well-funded and organized adversaries. Yet as the potential for danger rises, other dimensions of hostile tech also have to be considered. We believe that being respectful of customer wishes, avoiding intrusive and self-serving targeting and rooting out bias within algorithmic systems and data sets is not only inherently ethical but conducive to trust, positive public perceptions and ultimately the health of the business.
According to media reports, the SolarWinds supply chain hack cost the company nearly US$20 million, with estimates for insurance claims reaching US$100 million, showing how easily the financial fallout from a hostile incident can spiral out of control. After a slow start GDPR fines have increased, with total penalties surging 113.5% over the last year. Most notably, Amazon’s gigantic GDPR fine of US$877 million, announced in the company’s July 2021 earnings report, is nearly 15 times bigger than the previous record. With consumers placing a higher value on their privacy, robust security practices have become a strong differentiator for some companies. A recent survey by Cisco found almost 80% of consumers factor data protection into purchasing decisions and are open to paying more for products or providers with higher privacy standards.