In the year 2020, with the potential banning of TikTok and WeChat to American users, based upon potential national security threats, the public is gradually, somewhat begrudgingly, becoming aware that the world is NOT the same in terms of personal information, that it once was.
In years past, and through today, the public at large willingly download any free app offered, sign up for any complimentary social network savvily marketed as being the next big thing and in exchange, offer up highly confidential information without so much as asking “why”, to almost anyone, from any nation. The obtrusiveness of the asks by third parties is astounding and are often so unrelated to the offer that even the most accepting get a sense that something is amiss, but usually well after the fact. Just why does a charity, when soliciting online donations, request height, weight and one’s sexual orientation?
What the public does not yet comprehend is that the value to this data is far higher than is being offered up by corporations through “free” use of social media networks. In what world does a potato chip manufacturer need to know one’s religious affiliation? What is the purpose of a grocery store chain attempting to press you to reveal where you holiday internationally during the summer? Why would a government lottery corporation need to know whether you prefer planting annuals or perennials? And why does each and every company, government agency and organization ask users to provide details, some quite intimate, on family and friends? The public can readily recognize certain benefits to a corporation for revealing some of this information as they believe, because they have been told by a compliant media, that the main intent of gathering data is to more readily target the user with ads. Perhaps a sliver of that is true, but height based ads, marketing promotions based upon your blood type or ads based on one’s eye color? Please. There is far more at play in the world today than the indiscriminate gathering of all data, much of it highly sensitive, simply to sell a few more consumer items. The scope and scale of the data gathering has long passed the point of being mildly intrusive, it is brazen. There is an obviously an incredible value to personal information, to personal purchasing data, to GPS location data.
Soon enough, one can envision the day when a police officer road check for sobriety will be asking not just “have you had anything to drink” but will ask “what brand”? and then “what brand of mix did you add to your branded alcohol” so that they sell the data to an alcoholic beverage company for a few extra bucks, under a contract ostensibly entered into so as to provide necessary cash for police budgets. The alcohol company will offer back, to law enforcement agencies, as well as cash, your GPS data detailing what restaurants and bars are being frequented and what days and times of the day those social drinks are taken. And unnamed third parties bankrolling the whole process will hoover up ALL of that aggregated police data plus the alcohol company data, use AI to determine who actually was charged for impaired, who got off with just a warning, and will compile a dossier on you for potentially nefarious, possibly blackmailing, purposes.
Yes, there are legitimate benefits to certain disclosures, but just as with the NSA, government fishing expeditions are not legal for the purpose of entrapment. Similar to live gathering of evidence, which we often see in TV shows referenced by FBI going through somebodies trash, once it is in a bin by the curb, potentially compromising information about you may be legally gathered. By signing off on the legalese for virtually all apps on the planet, so too may corporations compile dossiers of freely submitted data, to be used or sold for a hefty profit. The public is blissfully unaware of what is being collected and what the end uses will be. We are told, time and time again by cyber security experts, that if an app is free, then the user is the product, not the app. The app simply represents an aggregator of data.
These databases are of incredible value in a technology driven cold war era and the end use of what we are all so freely supplying, for nothing more than a few “likes” from bots, may well be espionage. Wouldn’t it be useful for a foreign power or rival corporation to know what restaurants and bars a key employee of an adversary frequents and where that employee takes downtime away from the job for rest and relaxation? Wouldn’t it be of great benefit for that foreign power to have complete access to surveillance drones and cameras in an area to pinpoint the exact whereabouts of a person in order to potentially compromise them or worse? If a foreign power intended to compromise and turn a key employee, it doesn’t have to be the “honey-pot” entrapment that only works on a handful of people. No, it could serve to identify when one has missed their auto insurance payment by a day, perhaps due to a covid-19 lockdown restriction or a debilitating illness, and then discretely arranges for a foreign agent to pull a “Slipping Jimmy” in front of a moving car driven by that absent minded engineer. THAT is the value of deep data mining by foreign powers; it facilitates the potential for anyone to be compromised, because everyone either cares for their selfish wants above others, or, alternatively, they care about something or someone more than themselves. Intelligence gathering is the core of espionage, and that is what the public is providing, freely and readily, through the disclosures now asked in mundane activities. Marketing of products, in my view, is just a cover for a great deal of espionage work being conducted in the new cold war era. Surveillance of individuals used to be one of the ways for espionage to gather intelligence. Thanks to smartphones and social networks, surveillance is no longer required for most of the public; hundreds of millions of persons planetwide, starved for a “like”, readily post their real time locations, multiple times daily, on social networks. Most others, not so attention starved, still leave their smartphone GPS locators running at all times, for active pinging of locale, because most application updates turn the GPS back on, even when you initially signed that they were to remain off. The more apps loaded on a phone, the greater the data leakage.
The public at large has probably already provided sufficient confidential information that foreign powers in the years to come can act upon, at the individual levels, in espionage efforts. A hot war destroys valuable infrastructure and kills countless people.; it isn’t cost effective. A cyber war, in comparison, would reduce, possibly eliminate, much of the killing and minimize permanent damage to the means of production of any economy. Logically, in an asymmetric war, encroachment on foreign territories and calling it their own, as Russia did with Crimea, and as China has recently done in parts of remote India, can only go so far. Information on just whom is malleable is of equal or greater value to a foreign power than assessments of military might. Any foreign AI network worth their salt has already coded the public into one of several key categories; useful idiot (UI), potential asset, or potential source of cash. Those that represent a potential source of cash, via blackmail, provide the capital to turn potential assets into assets and buy support from useful idiots. The world isn’t nearly so black and white, but there are enough persons that fall into these broad categories to provide a lifetimes work for cyber espionage groups.
At this time, I have a growing sense that the importance of personal data has been so greatly underplayed, but is so calculatingly being sought, that the efforts to obtain it, and to prevent it from being obtained, may be the next great secular investment trend in the new era. There will be governments in authoritarian, expansionist regimes that seek this data and will obtain it at any cost. In the capitalist world, governments tend to react to, rather than anticipate developments, and, as thus far proven in the SARS-COV2 outbreak, overreact or fail to triage appropriately. In most western governments, legislators makers much prefer that the public swallows the blue pill, rather than the red pill, and build policy accordingly.
Due to a government unwillingness to confront a problem that some national corporations, unwittingly, have been complicit in creating, it implies that governments will not react appropriately or proactively to protect and defend national interests. The public at large will certainly not protect their own data. They willingly offer bank information and specific GPS locations of which ATM they use, in exchange nothing more than an entry into a draw for a new iPhone. No, just as there exists a publicly traded military infrastructure whose business model is to produce state of the art hardware to protect, deter, and, when necessary, attack an enemy; so too does it appear that a nascent industry is about to spring forth designed to protect data, to guard it where it has already been mined, and to potentially even conduct cyber-warfare, such as counterattacks, when necessary. There are legitimate reasons that heads of top security agencies within the US government, and presumably other governments, have NO social media presence; if you don’t stick your head out of a foxhole, then you are less likely to be shot in the initial assault.
I believe that the first company of its type in the new field of cyber deterrence and counterintelligence, and potentially a horizontal player at that, will be publicly available by the end of this year for investment through an equity purchase. Let’s be clear, you won’t find ANY listed firm in existence today openly operating as a cyber deterrence or cyber paramilitary outfit and declare that to be their business model in an SEC prospectus. Nor will you find a company out there whose stated end game is to protect American interests and capitalist economies from foreign cyber agents; that is, for now, a bridge too far for the public and likely many investment managers to wrap their gourds around. Any business with a model specifically designed to financially benefit from a new, cold war and defend against cyber attacks on corporations, data blackmailing of individuals and related compromises against national, corporate and personal security may deserve a place in the sort of world we may already be in, but would would greatly prefer not to discuss. Such a company might have also interesting potential for the longer term even should a cold-war conclude on mutually acceptable terms. The firm will need to have an obscure sounding description, perhaps as innocuous as the “monitoring of big data for governments and business”.
Regardless of one’s squeamishness, there is an open field for some sort of business that does more than protect, that can actually can deter and prove capable of initiating cyber counterstrikes. What the public views as cybersecurity, such as computer antivirus program providers such as Norton, etc. are just a tiny part of the solution. In an outright tech cold war between the US, China and Russia, the trusted antivirus program is like buying aspirins to fight off cancer. In a data driven cyber war, antivirus programs are nothing more than a stop sign on a highway where foreign tanks are massing. To determined intelligence gathering organizations, antivirus software programs are the equivalent of a scarecrow on farmers’ fields; they provide nothing more than an appearance of protection. In any event, in this new era, where the public buys an antivirus program to reduce the risk of password hacks but then offers up all that confidential data for a free takeout meal voucher when they fill in the activation page for submission, or worse yet, purchases the cheapest antivirus program available, from a company headquartered in a nation engaged IN the new cold war against the west, because most of the public buys what is cheapest, they might as well have no protection at all. A more assertive cyber business might be useful, and is certainly needed in order to protect capitalists against themselves.
I believe that data mining has already crossed over from purely capitalistic pursuits into the realm of espionage based intelligence compiling. Accordingly, there should now exist a niche, and maybe more than a niche, for a publicly traded corporation that offers something beyond the notion of cyber defense; what is needed is a corporation capable of providing cyber deterrence. During the Soviet-American cold war era of days gone by, it was only the threat of mutually assured nuclear destruction that provided true deterrence against actors malign. In this new big tech, big-data era, what is missing, at present, seems to be that Hammer of Thor as an offset to those who would do us harm. Governments work to maintain their data, with varying degrees of success, but against corporations and foreign governments that seek to compromise or rob governments, hold companies at ransom and blackmail individuals, who watches the watchmen?
If I was contemplating an investment in this new industry category, I would require a business in this new field to have a world class pedigree, in terms of founders. Preferably, one or more of the heads would possess a keen sense of reality about the world as it exists, not some utopian society that may be achieved if we could just get along. I would expect that such a company be based in the USA and fully aligned with core capitalist values. It would be useful for a company to have strong positive EBITDA, but in an era where a business model is designed to compete for contracts against dodgy bucketshops and Chinese military interests disguised as cybersecurity firms, that are willing to work for zero in order to gain ready access to data, margins might not initially be high for any newly listed company. EBITDA margins will logically improve in latter stages of a cold war.
If/as/when such a company is listed, I’ll be looking to make my first new equity purchase in a number of years, for the model portfolio. The market value of publicly traded social networks and data mining firms disguised as ecommerce platforms or cloud-storage firms is almost $10 trillion globally. It would seem that a smart, well run cyber-deterrent business could be worth something, one day.