Pages Navigation Menu

The blog of DataDiggers

Categories Navigation Menu

Three ‘new rules’ worth considering for the internet

Posted by on May 9, 2019 in Column, Internet of things, internet security, Mark Zuckerberg, Opinion, regulations | 0 comments

In a recent commentary, Facebook’s Mark Zuckerberg argues for new internet regulation starting in four areas: harmful content, election integrity, privacy and data portability. He also advocates that government and regulators “need a more active role” in this process. This call to action should be welcome news as the importance of the internet to nearly all aspects of people’s daily lives seems indisputable. However, Zuckerberg’s new rules could be expanded, as part of the follow-on discussion he calls for, to include several other necessary areas: security-by-design, net worthiness and updated internet business models.

Security-by-design should be an equal priority with functionality for network connected devices, systems and services which comprise the Internet of Things (IoT). One estimate suggests that the number of connected devices will reach 125 billion by 2030, and will increase 50% annually in the next 15 years. Each component on the IoT represents a possible insecurity and point of entry into the system. The Department of Homeland Security has developed strategic principles for securing the IoT. The first principle is to “incorporate security at the design phase.” This seems highly prudent and very timely, given the anticipated growth of the internet.

Ensuring net worthiness — that is, that our internet systems meet appropriate and up to date standards — seems another essential issue, one that might be addressed under Zuckerberg’s call for enhanced privacy. Today’s internet is a hodge-podge of different generations of digital equipment, unclear standards for what constitutes internet privacy and growing awareness of the likely scenarios that could threaten networks and user’s personal information.

Recent cyber incidents and concerns have illustrated these shortfalls. One need only look at the Office of Personnel Management (OPM) hack that exposed the private information of more than 22 million government civilian employees to see how older methods for storing information, lack of network monitoring tools and insecure network credentials resulted in a massive data theft. Many networks, including some supporting government systems and hospitals, are still running Windows XP software from the early 2000s. One estimate is that 5.5% of the 1.5 billion devices running Microsoft Windows are running XP, which is now “well past its end-of-life.” In 2016, a distributed denial of service attack against the web security firm Dyn exposed critical vulnerabilities in the IoT that may also need to be addressed.

Updated business models may also be required to address internet vulnerabilities. The internet has its roots as an information-sharing platform. Over time, a vast array of information and services have been made available to internet users through companies such as Twitter, Google and Facebook. And these services have been made available for modest and, in some cases, no cost to the user.

Regulation is necessary, but normally occurs only once potential for harm becomes apparent.

This means that these companies are expending their own resources to collect data and make it available to users. To defray the costs and turn a profit, the companies have taken to selling advertisements and user information. In turn, this means that private information is being shared with third parties.

As the future of the internet unfolds, it might be worth considering what people would be willing to pay for access to traffic cameras to aid commutes, social media information concerning friends or upcoming events, streaming video entertainment and unlimited data on demand. In fact, the data that is available to users has likely been compiled using a mix of publicly available and private data. Failure to revise the current business model will likely only encourage more of the same concerns with internet security and privacy issues. Finding new business models — perhaps even a fee-for-service for some high-end services — that would support a vibrant internet, while allowing companies to be profitable, could be a worthy goal.

Finally, Zuckerberg’s call for government and regulators to have a more active role is imperative, but likely will continue to be a challenge. As seen in attempts at regulating technologies such as transportation safety, offshore oil drilling and drones, such regulation is necessary, but normally occurs only once potential for harm becomes apparent. The recent accidents involving the Boeing 737 Max 8 aircraft could be seen as one example of the importance of such government regulation and oversight.

Zuckerberg’s call to action suggests a pathway to move toward a new and improved internet. Of course, as Zuckerberg also highlights, his four areas would only be a start, and a broader discussion should be had as well. Incorporating security-by-design, net worthiness and updated business models could be part of this follow-on discussion.

Source: The Tech Crunch

Read More

Amazon’s one-two punch: How traditional retailers can fight back

Posted by on Apr 18, 2019 in 6 River Systems, Amazon, Artificial Intelligence, Column, E-Commerce, eCommerce, getvu, IBM, jeff bezos, Kiva Systems, locus robotics, magazino, merchandising, online retail, online shopping, physical retail, Retail, retailers, siemens, TC, whole foods | 0 comments

If you think physical retail is dead, you couldn’t be more wrong. Despite the explosion in e-commerce, we’re still buying plenty of stuff in offline stores. In 2017, U.S. retail sales totaled $3.49 trillion, of which only 13 percent (about $435 billion) were e-commerce sales. True, e-commerce is growing at a much faster annual pace. But we’re still very far from the tipping point.

Amazon, the e-commerce giant, is playing an even longer game than everyone thinks. The company already dominates online retail — Amazon accounted for almost 50 percent of all U.S. e-commerce dollars spent in 2018. But now Amazon is eyeing the much bigger prize: modernizing and dominating retail sales in physical locations, mainly through the use of sophisticated data analysis. The recent reports of Amazon launching its own chain of grocery stores in several U.S. cities — separate from its recent Whole Foods acquisition — is just one example of how this could play out.

You can think of this as the Amazon one-two punch: The company’s vast power in e-commerce is only the initial, quick jab to an opponent’s face. Data-focused innovations in offline retail will be Amazon’s second, much heavier cross. Traditional retailers too focused on the jab aren’t seeing the cross coming. But we think canny retailers can fight back — and avoid getting KO’d. Here’s how.

The e-commerce jab starts with warehousing

Physical storage of goods has long been crucial to advances in commerce. Innovations here range from Henry Ford’s conveyor belt assembly line in 1910, to IBM’s universal product code (the “barcode”) in the early 1970s, to J.C. Penney’s implementation of the first warehouse management system in 1975. Intelligrated (Honeywell), Dematic (KION), Unitronics, Siemens and others further optimized and modernized the traditional warehouse. But then came Amazon.

After expanding from books to a multi-product offering, Amazon Prime launched in 2005. Then, the company’s operational focus turned to enabling scalable two-day shipping. With hundreds of millions of product SKUs, the challenge was how to get your pocket 3-layer suture pad (to cite a super-specific product Amazon now sells) from the back of the warehouse and into the shippers’ hands as quickly as possible.

Make no mistake: Amazon’s one-two retail punch will be formidable.

Amazon met this challenge at a time when automated warehouses still had massive physical footprints and capital-intensive costs. Amazon bought Kiva Systems in 2012, which ushered in the era of Autonomous Guided Vehicles (AGVs), or robots that quickly ferried products from the warehouse’s depths to static human packers.

Since the Kiva acquisition, retailers have scrambled to adopt technology to match Amazon’s warehouse efficiencies.  These technologies range from warehouse management software (made by LogFire, acquired by Oracle; other companies here include Fishbowl and Temando) to warehouse robotics (Locus Robotics, 6 River Systems, Magazino). Some of these companies’ technologies even incorporate wearables (e.g. ProGlove, GetVu) for warehouse workers. We’ve also seen more general-purpose projects in this area, such as Google Robotics. The main adopters of these new technologies are those companies that feel Amazon’s burn most harshly, namely operators of fulfillment centers serving e-commerce.

The schematic below gives a broad picture of their operations and a partial list of warehouse/inventory management technologies they can adopt:

It’s impossible to say what optimizations Amazon will bring to warehousing beyond these, but that may be less important to predict than retailers realize.

The cross: Modernizing the physical retail environment

Amazon has made several recent forays into offline shopping. These range from Amazon Books (physical book stores), Amazon Go (fast retail where consumers skip the cashier entirely) and Amazon 4-Star (stores featuring only products ranked four-stars or higher). Amazon Live is even bringing brick-and-mortar-style shopping streaming to your phone with a home-shopping concept à la QVC. Perhaps most prominently, Amazon’s 2017 purchase of Whole Foods gave the company an entrée into grocery shopping and a nationwide chain of physical stores.

Most retail-watchers have dismissed these projects as dabbling, or — in the case of Whole Foods — focused too narrowly on a particular vertical. But we think they’re missing Bezos’ longer-term strategic aim. Watch that cross: Amazon is mastering how physical retail works today, so it can do offline what it already does incredibly well online, which is harness data to help retailers sell much more intelligently. Amazon recognizes certain products lend themselves better to offline shopping — groceries and children’s clothing are just a few examples.

How can traditional retailers fight back? Get more proactive.

Those shopping experiences are unlikely to disappear. But traditional retailers (and Amazon offline) can understand much, much more about the data points between shopping and purchase. Which path did shoppers take through the store? Which products did they touch and which did they put into a cart? Which items did they try on, and which products did they abandon? Did they ask for different sizes? How does product location within the store influence consumers’ willingness to buy? What product correlations can inform timely marketing offers — for instance, if women often buy hats and sunglasses together in springtime, can a well-timed coupon prompt an additional purchase? Amazon already knows answers to most of these questions online. They want to bring that same intelligence to offline retail.

Obviously, customer privacy will be a crucial concern in this brave new future. But customers have come to expect online data-tracking and now often welcome the more informed recommendations and the convenience this data can bring. Why couldn’t a similar mindset-shift happen in offline retail?

How can retailers fight back?

Make no mistake: Amazon’s one-two retail punch will be formidable. But remember how important the element of surprise is. Too many venture capitalists underestimate physical retail’s importance and pooh-pooh startups focused on this sector. That’s extremely short-sighted.

Does the fact that Amazon is developing computer vision for Amazon Go mean that alternative self-checkout companies (e.g. Trigo, AiFi) are at a disadvantage? I’d argue that this validation is actually an accelerant as traditional retail struggles to keep up.

How can traditional retailers fight back? Get more proactive. Don’t wait for Amazon to show you what the next best-practice in retail should be. There’s plenty of exciting technology you can adopt today to beat Jeff Bezos to the punch. Take Relex, a Finnish startup using AI and machine learning to help brick-and-mortar and e-commerce companies make better forecasts of how products will sell. Or companies like Memomi or Mirow that are creating solutions for a more immersive and interactive offline shopping experience.

Amazon’s one-two punch strategy seems to be working. Traditional retailers are largely blinded by the behemoth’s warehousing innovations, just as they are about to be hit with an in-store innovation blow. New technologies are emerging to help traditional retail rally. The only question is whether they’ll implement the solutions fast enough to stay relevant.

Source: The Tech Crunch

Read More

The two forces reshaping the landscape of shipping and logistics

Posted by on Mar 28, 2019 in Column, Convoy, keeptruckin, Logistics, Samsara, Shipping, TC, Transfix, trucking, uber freight | 0 comments

The shipping and logistics space is being rapidly transformed by technology. Innovations in this space span the way buyers and sellers transact (digital freight brokerages), the way goods are monitored during shipment (sensor-enabled real-time monitoring) and the manner in which risk is managed (novel approaches to pricing insurance). With diverse opportunities like these, it is no surprise that this is a space ripe for significant disruption.

And yet technology is not the only force driving change. Regulators are taking a fresh look at the lives of workers in the gig economy, often concluding that many folks classified as independent contractors ought to be treated as employees. As we will see, this is causing a sharp uptick in the creation of small-motor carriers. At the same time, oddly enough, driver scarcity is forcing innovators in the shipping and logistics space to think very hard about how to entice new drivers into the market.

Two forces — driver scarcity and regulation — are working in unison to forge the shipping and logistics space of tomorrow. Before we dive into precisely how this is happening, let me introduce the dramatis personnae in this ecosystem:

  • Shippers — These are the folks who have goods that need to be moved from point A to point B.
  • Carriers — These are the folks who shippers hire to load goods on a truck and move them from point A to point B. I will use carriers and small-motor carriers as interchangeable terms.
  • Brokers — These are the people who connect shippers with carriers, often doing the hard work of making sure that carriers are properly licensed and have the appropriate levels of insurance.
  • FMCSA — Federal Motor Carrier Safety Administration, the body responsible for facilitating safety programs, licensing motor carriers and ensuring compliance with a wide range of shipping and transportation rules and regulations.  

A tale of software and shipping

Today, shipping runs on a backbone of telephone calls, manual logging and delayed payment. Yet the shipping ecosystem of the future will have an entirely different nervous system. Before we examine how driver scarcity and regulation will shape this future system, let’s consider where we are today.

Historically, the shipping industry functions on the basis of trust and deep-rooted professional relationships. The largest shippers have relied for a very long time on an entrenched broker network that connects them with carriers capable of moving cargo reliably at scale. Brokers are paid for reducing risk for the shippers by properly vetting the carriers. These relationships form the nervous system of the traditional trucking industry.

This traditional approach to shipping is being disrupted by a number of well-well-funded, ambitious startups. Companies like Samsara, Convoy, and Freight Rover are introducing next-generation hardware, software tools and other solutions to optimize shipping at scale. These companies have different theses about how to properly optimize shipping tasks, but the common thread is that they all appreciate the need to leverage new technology to remove unnecessary friction between ecosystem actors.

The wake of disruption is going to benefit everyone in the shipping and logistics space.

Carriers will get two important benefits: (1) instant access to shipping jobs and (2) a data platform for managing and understanding their businesses. Shippers will also receive two things essential to optimizing their revenue — (i) a constant supply of reliable carriers and (ii) a wealth of real-time data about live and legacy shipments.

The role of regulation

Against the background of the disruption described above, there has been a lot of regulatory activity affecting the shipping and logistics space. In general, the government is becoming more active in regulating the way in which the shipping industry runs, especially when it comes to the treatment of drivers and the unreasonable demands often imposed on them by aggressive shipping schedules.

The first change came from Congress at the end of 2017 in what is known as the Electronic Logging Device (or ELD) mandate. In a nutshell, the ELD mandate requires carriers to have an approved logging device in their trucks to ensure that their hours of service are properly logged and available for regulator review.

This is surely just the beginning of regulatory activity. Not only has Congress expressed interest in closely monitoring Hours of Service — the amount of consecutive hours a truck driver may lawfully drive — the ELD mandate is widely viewed as a way to better enforce those rules.

Thus, at the federal level, you have a regulator who wants to keep granular tabs on what truck drivers are doing. What about at the state level, what’s going on there?

At the state level, many states are adopting laws that require an employer (including shippers and carriers) to classify someone as an employee if he or she provides services for the employer’s core business. In short, if the employer’s core business is X and a person is hired to do X, then that person is an employee.

In California, for example, this is known as the ABC Test from the Dynamex decision handed down by the California Supreme Court. In that case, Dynamex believed they could lawfully classify their delivery drivers as independent contractors. The benefit of doing so is that independent contractors are not entitled to key employee benefits, including healthcare and expense reimbursements. The California Supreme Court decided that Dynamex made a mistake in not classifying these drivers as employees.

Developments like the ABC Test are already transforming the shipping world. Under this test, a driver is almost always going to be legally entitled to the status of “employee” because a driver in the shipping world is by definition being hired to fulfill the core business activities of the shipper.

So, let’s combine the regulatory developments happening at the state and federal level. At the federal level, Congress is encouraging the rapid adoption of monitoring technologies like ELDs. At the state level, employers are facing pressure to classify drivers as employees. Increased tech-based monitoring is thus occurring at the same time that drivers are getting increased rights to employee benefits at the state level.

This is a big deal. Drivers are getting increased leverage vis-à-vis their employers, while the employers (i.e. shipping companies and carrier owners) are being required to use safety-enhancing monitoring technologies. Regulation is moving in one direction — toward providing a greater degree of protection for truckers.

Source: The Tech Crunch

Read More

Autonomous vehicle IP protection — when HAL is driving

Posted by on Mar 28, 2019 in Automotive, Column, intellectual property, TC, Transportation | 0 comments

Each day, a fleet of lidar-guided, all-electric Chevy Bolts exits a downtown garage to roam San Francisco, attempting to blend in with people-guided vehicles and other AVs. The autonomous vehicles are actually only “semi-autonomous” — each has a human crew whose mission is to correct the car’s erroneous driving decisions on the fly, until sufficient data can at least approximate the reflexive intuition of an experienced driver.

Like a child who develops a sense for right and wrong through praise and scolding, present-day machine learning requires similar binary experiential training. The collected learning then becomes a valuable basis for guidance systems that will render vehicles truly autonomous.

But how can that very valuable intellectual property be protected? Historically, startups could obtain venture capital by trotting out a portfolio of issued patents. With the 2014 Alice decision on subject matter patentability by the U.S. Supreme Court, however, it has been problematic, to say the least, to obtain patents that are essentially based on algorithms.

The two-step “Alice” test requires examination of 1) whether the claims are directed to a patent-eligible concept or a patent-ineligible abstract idea; and 2) if directed to an abstract idea, whether the claims contain an “inventive concept” sufficient to transform the abstract idea into a patent-eligible application. Under the latter, “well-understood, routine, and conventional” activities or claim elements cannot form an inventive concept. Even if subject matter barriers can be overcome, the evolved AI may no longer bear semblance to the original expression of code, such as to raise inventorship issues. If a macaque monkey cannot hold a copyright, can a machine hold a patent?   

As a result, most companies presently guard their machine learning data as trade secrets. But trade secret protection has its drawbacks, one of which is to society at large. Unlike technology taught in patented disclosures, which could allow a new entrant to catch up (provided it licenses or designs around the patent), an AV data set of an unwilling licensor is not obtainable absent a trade secret violation or duplicating the considerable miles driven. 

Keeping AV data secret also creates a “black box” where consumers and authorities are unable to fairly and completely evaluate the proficiency/safety of the AI systems guiding the vehicles. At most, consumers will likely have to rely on publicly compiled data regarding car crashes and other reported incidents, which fail to adequately assess the underlying AI or even isolate AI as the cause (as opposed to other factors). As it is, AV developers’ “disengagement reports” — those tallying incidents where the human attendant must take over for the AI — vary widely, depending on how the developer chooses to interpret the reporting requirement.  Without comparable data, consumers are often left with nothing more than anecdotal evidence as to which AV system is the safest or most advanced.

Trade secret protection has its drawbacks, one of which is to society at large.

Relying on trade secret protection is also problematic for the owner of the data, largely because of the requirement that to be protectable, the trade secrets must be kept confidential. This can lead to a “need-to-know” access environment, hampering development and breeding paranoia. Physical security could mean preventing employees from carrying data on portable devices or working from home, instead requiring work and storage on servers isolated from external connectivity. It also could mean needing metal detectors and security screening devices and procedures to, quite literally, keep data from walking out the door. Encryption also could be used, introducing yet another layer of protection, but possibly with a productivity trade-off. And none of this is a complete guard against a mal-intended employee who abuses their access privileges.  

And what of that disgruntled employee who, instead of taking an unauthorized copy to another employer, virally transmits it over social media? Once out in public, the secrets lose their value, as present law generally does not permit actions against a company that comes across trade secrets through no fault of their own. Imagine losing your company’s valuation because your once-proprietary AV data set is now essentially public domain.

On the other hand, one might question whether the “best” AI should be kept from the public. A promise of AVs is that AI guidance and inter-vehicle communications can enhance traffic safety and optimize traffic flow.  Confining the safest, highest functioning AI to select manufacturers would mean less-than-optimal overall safety or efficiency, as “smarter” cars would need to deal with “less smart” vehicles (and human-driven ones!). At the very least, without any technical standards regulating the interaction between various AVs, each unique system will need to communicate with, and predict the behaviors of, potentially hundreds of different AIs.

All of this is to suggest that, as present-day human-driven vehicles evolve into the Nikola 9000, our IP laws and protections must likewise evolve. Just as hybrid vehicles were an early solution to “range anxiety,” perhaps some hybrid IP concept could be developed to satisfy the needs for autonomous vehicle IP protection while continuing to “promote the progress of science and useful arts” under the Constitution.

Source: The Tech Crunch

Read More

Demanding privacy, and establishing trust, in digital health

Posted by on Mar 26, 2019 in Column, digital health, Health, Privacy | 0 comments

February’s Wall Street Journal report pulled back the curtain on just how much is at stake when individuals share their personal health information with health and fitness applications. Several of these apps were (perhaps unwittingly) sharing users’ personal health information via a Facebook SDK that was automatically feeding that data to the platform. In one fell swoop, multiple companies damaged trust with their users — perhaps irrevocably.

But the dangers in digital health aren’t limited to rogue SDKs; three days after the Facebook news broke, yet another large health system announced the personal information of more than 325,00 patients had been exposed. All this comes as big tech companies like Apple, IBM and Amazon begin to enter the same space, with plans for huge impact. But even these well-established names enter healthcare with a trust deficit; Rock Health’s 2018 National Consumer Health Survey found that just 11 percent of respondents said they’d be willing to share health data with tech companies.

As we move toward an increasingly digitized world of healthcare — and as early-stage companies and tech behemoths operate alongside one another in the space — how can all involved uphold their responsibilities, follow relevant laws and regulations and maintain the trust of patients and users when it comes to privacy? Companies operating under the highest standards in healthcare are expressly prohibited from monetizing users’ data; how will large tech brand names adapt their business models to act properly?

In order for the promise of digital health to be realized, companies will need to ensure their patients’ data is safe, secure and error-free. Beyond security, healthcare companies operating as providers must also maintain the confidentiality and privacy of that data. Doing so isn’t simply good practice; it’s an existential requirement for companies operating in this space. There is a baseline expectation — from users, and from employers and health plans working with digital health companies — of privacy being maintained.

The success of digital health companies will hinge on whether patients feel comfortable sharing the most intimate data they possess — their personal health information (PHI) — especially when they worry that data could impact their employment. Below are three things digital health companies would do well to keep in mind as they operate in the space.

Comply with — and inform — regulations

In 2018 alone, more than 6.1 million individuals were impacted by healthcare data breaches. Many have started to warn of the “data breach tsunami.” Complacency is no longer viable. The increasing frequency of data breaches should become a rallying cry. When it comes to PHI, protecting the privacy and security of patients and users must be a business imperative.

Patients want to focus on getting better, not having to constantly check their privacy settings.

Complying with regulations and requirements for protecting PHI requires a combination of robust privacy and security strategies. The Health Insurance Portability and Accountability Act (HIPAA) sets the baseline for patient data protection. For companies operating under HIPAA, responsibilities, obligations and opportunities become crystal clear. Federal laws and regulations prescribe privacy and security minimums, as well as the exact rules governing collection, storage and transfer of participant data. For health innovators, strong privacy practices and security controls are key to customer trust and to growth.

This also means that digital health companies must be active participants in shaping the regulations that govern their operations. This isn’t a call to hire as many lobbyists as possible to water down your responsibilities; it’s a demand to educate the state and federal policymakers who will be writing the rules of the road that govern your work for the next phase of healthcare. Informed policy that enables creative iteration while putting the needs of the patient at its center is imperative for the continued success of the entire industry. This is a space where regulations can be helpful in clearly identifying what not to do to be taken seriously — and operate properly — as a digital health company.

HIPAA or not: know your role

HIPAA applies to digital health companies — whether they contract as a vendor (a “business associate”) or a healthcare provider (a “covered entity”). Third-parties, especially those that handle PHI, have the potential of exposing health companies to data breaches and non-compliance. Any data breach suffered by a healthcare company will have serious consequences, including reputational damage, government investigations and monetary damages.

Once credibility has been tarnished, it takes significant time to rebuild trust among consumers. Fundamental to this is understanding the difference between operating in technology broadly versus in digital health, and ensuring that your organization is equipped with a deep understanding of all the ins-and-outs of HIPAA and health care data; patients want to focus on getting better, not having to constantly check their privacy settings.

Keep compliance at your core

The healthcare industry is already fraught with risk. New laws and market forces only add to the complexities. In order to reach full maturity, digital health companies need to invest, early, in information security experts who understand the intersection of medical devices, software and regulations. Senior leadership teams must empower these experts while staying engaged on best practices and the latest threats. This goes against the rapid growth mindset of venture-backed companies in other industries, but is critical when it comes to healthcare.

If you are handling patient data, hiring a legal and compliance team is a top priority. By implementing a privacy and compliance program, you’ll be better equipped to find and correct potential vulnerabilities, while reducing the chance of fraud, and promoting safe and quality care.

The responsibility to establish trust in digital health is on the most prominent actors in a rapidly growing space. Data and its proper application hold the keys to the evolution of healthcare. But we must never forget that patients and users are opting to share the most intimate data they have. We must meet that responsibility with the systems, personnel and maturity it deserves.

Source: The Tech Crunch

Read More