If you were working as a law clerk in the federal courthouse in Manhattan in the early 1980’s, you might have seen current Microsoft President and Vice Chair Brad Smith edging his way through the doors with a medium-sized, clunky machine, also known as a Personal Computer.
"That’s my claim to fame,” says Smith.
The PC, it turned out, was symbolic of a forthcoming voyage of a legal career that quickly became encompassed by the Second Industrial Revolution, and more specifically, technology. Smith joined Microsoft in 1993, and is now the shiny Knight of policy discussions for the company. He’s managed the resolution of antitrust cases with a view that strays the norm of his Silicon counterparts: if a company makes systems that are critical to the entire globe, they must take into account the concerns of governments and the needs of humanity.
This is the topic of Smith’s recently republished book, co-authored by Microsoft’s Carol Ann Browne, called “Tools and Weapons: The Promise and the Peril of the Digital Age.” Smith came to MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) to speak with CSAIL Director and MIT professor Daniela Rus on his sentiments behind urging the tech sector to “assume more responsibility, as well as calls for governments to move faster to address the challenges that new technologies are creating.”
Rus says the book reads like an action adventure novel with geeks as heroes, and each story is an extraordinary puzzle that is solved by teams of "geeks" who ultimately save the day. The book takes a look backwards to explain the present. One chapter, on cybersecurity, begins with an event from the recent past that many describe as one of the most massive and malicious cyberattacks in American history: the Russian SolarWinds hack. Hackers under Russian intelligence service SVR used a routine software update for the company’s network management system Orion to slip in malicious code with dire effects: it compromised about 100 companies and about a dozen government agencies, including Microsoft.
After moving around upwards of five hundred people to focus on the attack with full gas, they quickly had hunting teams that were looking at the cloud services that customers were running, as well as Microsoft's own network for signs of entry and malice.
“The world depends on the integrity of the software supply chain, and confidence in the software updating process of virtually everything on which we run the world. To tamper with that is almost like tampering with the blood supply. It can inflict indiscriminate harm and undermine public confidence. And it should be off limits,” says Smith.
The landscape, Smith mentioned, looks quite different when the attack begins, not by just a seemingly dark hooded figure basement, but rather, from home in another way: state sponsored. Some incredibly sophisticated cyberattacks today are either state sponsored, enabled, or permitted. Actors get support from the state, and depending on the varyling laws from state to state.
"We need action by the US and other allied governments to hold foreign nations accountable, both when they engage in nation state attacks that violate international norms, as well as when they enable or just tolerate this kind of activity within their borders, especially given the proliferation of ransomware,” says Smith. “Once they send the message that this activity will be illegal in our borders, regardless of the nationality that you're praying on, we’ll be closer to getting governments to put a halt on what they're perfectly capable of stopping.”
The conversation then shifted to the recent national discussion on the dangers of social media, and if freedom of expression can exist in tandem with misinformation, hate speech, and overall psychological detriment.
Smith spoke of how freedom itself comes at a cost, darkly illustrated by the COVID-19 pandemic. Researchers, he noted, identified twelve people responsible for the bulk of misleading information about COVID-19 vaccines, reaching hundreds of millions of people around the globe, further exacerbated by deep fakes. While acknowledging that it's becoming increasingly difficult to distinguish facts from lies, and this subsequent toll on diverging realities, Smith highlighted the constraints of the constitution in moving forward with finding solutions.
“The US is oftentimes unable, constitutionally, to render that content unlawful. If you take all of the countries in the world, and you put them from one end to the other on free expression, the US actually is, at one end because of our constitutional protection and thus, is very limited in our ability for governments to declare content unlawful.”
Rus then broached the subject of privacy, as we increasingly live public-private lives on the Internet and what that means for our data. While tools like homomorphic encryption that compute on encrypted data (next time you’re searching for a lunch place, third parties and service providers wouldn’t know about your hunger) and differential privacy, provide elegant solutions to security, they seldom put all privacy concerns to rest.
Smith postulated that, given the extremely multifaceted nature of technology and its tentacles in society, “The best solutions are going to come from a triangle of people who are in the technology business, academica, and government,” says Smith.
The discussion came to a close with discussing how advances made in a time of crisis can be used to imagine a richer future, after the crisis passes, and history tells us that pandemics take a huge toll on humanity.
“This pandemic truly helped people understand how powerful data is as a tool for solving public problems. We suddenly lived in a world where the entire public health system needed to be run on real time data about the rate of infection cases, the allocation of ICU beds, and now vaccination rates. We were able to harness the power of data to address this, and now we can better harness the power of data to address almost anything.”