Thoughts in Between
TiB 162: The EU vs AI; Skill vs Luck; COVID vs internet security; and more...
Welcome new readers! Thoughts in Between is a newsletter (mainly) about how technology is changing politics, culture and society and how we might do it better.
It goes out every Tuesday to thousands of entrepreneurs, investors, policy makers, politicians and others. It’s free.
Forwarded this email? Subscribe here. Enjoy this email? Forward it to a friend.
Is EU AI regulation bad for startups?
The EU published new draft regulations for artificial intelligence. There's a good overview in this thread or this NYT piece. In short, the rules, which won't come into effect for several years, seek to prohibit certain kinds of AI systems (such as live facial recognition in public places) and create strict requirements for "high-risk" systems in areas like law enforcement and education.
There's lots of sensible stuff in there - alongside text that has understandably amused some in the tech community - but the overall impression is of the EU is doubling down on its positioning as tech's global regulator of first resort (though the US FTC has some similar ideas too, as Jack Clark notes). As with GDPR, the regulations assert extra-territorial authority: they apply to companies anywhere in the world that sell AI services into the EU or even where the output is used in the EU. And, again like GDPR, the fines for non-compliance are hefty - up to six percent of global revenue.
There is a cost to this. As I argued in TiB 154, both soft and hard power in the 21st century will depend on being a technology maker, not just technology taker. That's not incompatible with taking a robust approach to regulation, but - as the Progressive Policy Institute argues in a new report - it's not clear the EU is really wrestling with the trade-offs between (valuable) consumer protection and a thriving innovation ecosystem. A lot of tech regulation ends up having unintentional pro-incumbent effects (e.g. GDPR). If that happens here, Europe's AI startups may pay the price.
Skill, luck, picks and shovels
Via the excellent Ethan Mollick, I came across this fascinating paper on how strategic actors (such as investors or executives) can exploit the tendency of people to systematically confuse skill and luck. For example, if business outcomes are determined by a combination of skill and luck, a poorly performing business is likely to owe some of its failure to bad luck. Market participants, however, will likely systematically fail to price in the future performance gains that come from mere mean reversion, and so will undervalue it. The authors walk through many more nuanced examples.
The paper goes into a lot of interesting detail on the barriers to taking advantage of this kind of mis-valuing of assets and how they can be overcome. One example concerns how actors can take advantage of the belief that a private asset is overvalued if they do not own it and no shorting mechanism is available. The answer, suggest the authors, is to sell complementary assets: if a lucky find sparks a gold rush, sell picks and shovels! You can probably think of some contemporary analogues...
It's worth thinking, though, about cases where luck is not subject to mean reversion, but creates structural advantage. Venture capital is a good example. VC is an unusual asset class in that the investment chooses the investor, rather than the other way around. Entrepreneurs have relatively little data on how much VCs can help, so it's rational to choose a fund with a great track record. Successful funds are therefore pitched by better founders and more likely to win competitive deals - even if that success is initially driven by luck. Matthew Effects are quite rare, but powerful.
Physical security in a virtual world
Dan Kaminsky, a legendary computer security researcher, died this week. He made a number of crucial contributions to the security of the internet that you benefit from every day, perhaps most notably his discovery and fixing of a flaw in the Domain Name System (DNS) protocol that you use every time you type a web address into a browser. His Wikipedia profile has more, and I also recommend this appreciation by Sonal Chokshi on Kaminsky's prescient writing about Bitcoin back in 2013.
As you may have gathered from last week's TiB, I'm currently very interested in the stubborn persistence of physicality in an increasingly virtualised world. Kaminsky played a role in a fascinating example of this: ICANN's "key signing" ceremonies. ICANN is the non-profit organisation responsible for a number of activities that allow the internet to function, including management of the DNS root zone. Every quarter it holds an elaborate in-person ritual, described here, to generate the keys that will secure DNS for the next three months.
The interplay between physicality and the creation of legitimacy (another recent TiB preoccupation - see TiB 158) is fascinating. Kaminsky was one of seven Trusted Community Representatives who were given a physical key to be used in these ceremonies - and for disaster recovery in the event of a catastrophe, as detailed by ICANN here (a process somewhat reminiscent of a Bond movie). The signing ceremony in its traditional form, however, was a victim of COVID: the pandemic forced even this process online, albeit with many safeguards. Virtualisation marches on, perhaps.
Quick links
- Deep citations. A ranking of global AI scholars (see also this thread).
- The rarest view. Beautiful restorations of photos of earth from space.
- Hold high the eagle. Striking map of every Roman settlement.
- Literally, and seriously. Belief in secular evolution remains a minority position in the US.
- Oh what a lovely war. What happened to defence spending during the pandemic?
Thanks for reading to the end.
I hope you enjoy Thoughts in Between. If you do, please do forward to a friend who might like it. It takes less than a minute, but is the main way the readership grows.
And do feel free to hit reply if you have questions, comments, suggestions or feedback.
Until next week,
Matt Clifford
PS: Lots of newsletters get stuck in Gmail’s Promotions tab. If you find it in there, please help train the algorithm by dragging it to Primary. It makes a big difference.