Speech Transcript – Craig Mundie, Microsoft Policy Forum Luncheon

Remarks by Craig Mundie, Senior Vice President and Chief Technical Officer, Advanced Strategies and Policy
Microsoft Policy Forum Luncheon
Ottawa, Canada
November 20, 2003

CRAIG MUNDIE: Thanks, Frank. Pleasure to be here.

I’ll stay up here so I can see folks a little more easily, and maybe you’ll hear me better.

As Frank said, I really have two roles at Microsoft. One is as one of the top technical people working with Gates. There’s two aspects to that. One is to try to develop what our technical product strategy is, and the second is to try to orchestrate its execution across Microsoft, because as we’ve grow bigger, you know, it gets very hard to do that. And we’re not a conglomerate in the sense that every business is completely separate from every other business. In fact, our value-add, we think, long-term, is the ability to have some symbiotic relationship from one compartment of the business to the next. And that becomes a management and technical challenge. And, in fact, the whole structure of the company has evolved with Bill as the chief software architect now, and Steve Ballmer – who he made the CEO – in order to have this sort of matrix capability.

Ron and I were talking a little bit about how the government of Canada works and how the sort of deputy minister level people, they really make everything happen by meeting each other. And I think there’s certainly some analogies to what we try to do in the office of the Chairman in order to make that happen at a working level.

The other half of my job, though, is Microsoft’s Chief Policy Officer, and there I spend, now, about half my time dealing with the major – and to some extent the minor – governments of the world, addressing the question of technology policy issues and what they bring about.

And so I thought, just for conversation today, I would share with you a couple ideas. I spoke recently at the APEC ministerial in Bangkok, and in the session that I had to talk to everybody, I, at the end, closed with these seven points, what I call policy challenges for governments. And to some extent, for companies like ours, who have clearly a role relative to these.

You can start on sort of any particular point, but I’ll start and talk about issues around technology neutrality and choice. One of the things that many governments are trying to decide right now is whether they should be in the business of trying to tilt the playing field toward a particular set of indigenous technologies, or in fact a recreation of a computing platform on a local basis.

And to some extent, this gets started for any of a variety of reasons, which could come from national security concerns about over-dependency on foreign technology, or even suspicion about the technology they might buy from a company like Microsoft. That was how I got drawn into a dialogue with the Chinese leadership over the last four years, was exactly around this question of could the Chinese government actually build mission-critical systems for the government – and even the military – around our technology. Or, in fact, was it suspect because “we were an American company.” It turns out we’re, yes, headquartered in the United States, but we sell two-thirds of our products outside in the world. Our second-largest research operation is in Beijing, you know? So it’s a very complicated world that we live in.

So, how the government elects to handle this, both in the developed countries and the developing countries, is clearly an interesting policy question.

As you look at the need for this next generation of systems to interact with one another, you’re drawn into another set of questions. What does it mean for computer systems to talk to each other? That has been increasingly important in business environments over the years, but the reality is today, most computer systems outside of the domain of an individual enterprise – whether it’s government enterprise or business enterprise – don’t talk to each other. Why? Because we didn’t have a way to solve the security problems and the identity problems that spanned those domains. Well, now we do, and in fact the Internet has shown that in fact you want to have a very global interaction between these things.

Today, we do that global interaction from people to machines, but the point we are in technology today is that we’re about to allow the whole Internet, as a collection of intelligent devices — not just server machines and desktop PC, but everything from your watch to your cell phone to your pocket computer to your refrigerator door to your television, your game machine, your automobile — all of these things are going to get smart, they’re all going to get connected, and to some extent they all now are programmable.

Now, this is one of the new Microsoft software-based Motorola smartphones. We worked for a long time before Motorola agreed that they would build a phone that ran our software. But why did they do that? They said, ‘Well, people really liked the fact that this software’s sort of like the software on their desktop, and therefore it’s easier for them to learn and use, and it synchronizes automatically with it, and that’s a big benefit as opposed to having all these disjoint products.’

What’s fascinating is that this is a bigger, more powerful computer – in a technical sense – than a Windows 98 desktop. And I’ll bet you a nickel I could probably find some Win98 desktops in the government in Canada. This thing smokes a Windows 95 machine! This thing has both a faster processor, integrated radio IT telecommunications, full Web browsing capability, and a quarter gigabyte of DRAM. And that’s a lot more computer than people bought when they bought Windows 98. Windows 98, that was only five years [ago].

So the thing you have to understand is that these computers are serious machines, and they’re all very, very programmable. And so, the next phase of the evolution of the computer industry – which only happens about every fifteen or twenty years – is that there is a new platform, it’s the global connection of all things intelligent, and it’s all going to be programmable. And we haven’t had that environment since basically around the late ’80s.

And so, for people who are both in the business – and from a policy point of view – trying to decide ‘Well, what does computing really mean to me?’, you really have to stop and realize that there’s a transition that’s about to occur, a phase change, from a world of publishing e-mail messages and Web pages – which has dominated for the last eight or nine years – to a world where all these things become programmable.

And the power of that is going to be very profound. The countries, essentially, I’ll say, and companies who are prepared for this transition will be in great shape. Those who are not will find that they will fall behind the countries who are prepared to capitalize on this phase change in the use of the technology.

The fact that these things are all interoperable means that there are new questions about standards, and many of the old battles about what was the way in which these computer systems were going to be programmed or interact are really old problems. And there’s now pretty much a global, universal agreement as to how interoperability is going to be handled. Microsoft, IBM, VeriSign and others have really worked hard on a set of standards to support this interoperability between these future platforms.

And in the last few weeks, at least Microsoft has declared that the race has started. We had 8,000 people in Los Angeles from around the world three weeks ago for our professional developers conference, and we told them, ‘Here’s the tools, here’s the kits. It’s all done. Party time!’ And we are quite confident that the world’s programmers will now begin a fairly dramatic shift from programming the client-server architecture that is today’s enterprise computing environment to programming this global set of Internet-connected devices.

The fact that this platform has become so broad in its use and is no longer confined to the desktop or to the enterprise has brought with it a lot of new challenges. The questions around security, and then the antithetical question around privacy, there’s significant tension around those things.

And then you get other issues, spam being one of the great examples, where if you try to resolve these issues on a purely technology means basis you end up overburdening the technology. And in fact, what really needs to be reflected is more of an equilibrium between three other concepts. You need to have public mores that are essentially in line with what the technology currently allows.

If you don’t have that, then the next thing can’t be achieved, the next thing being legal deterrents. If you don’t have law enforcement and the threat that if you do something really wrong a bad thing’s going to happen to you, then a much-too-big percentage of the population, given a choice, will essentially do the wrong thing. And so, in order to shepherd most of those people who are on the fence to doing the right thing, you want to actually have what I call technology deterrent.

You know, we do this in lots of other ways. I mean, cars. You know, cars have real clear laws. You get in a car, you steal a car, it’s grand theft auto, you go to jail. And we have serious people who go down and chase people down who steal cars. There’s a lot more damage being wrought financially by people releasing viruses on the Internet than there are stealing cars, and we have zero cybercops, effectively, and no treaties, no transnational policy to govern this. And so, even though there are international chop shops that steal your cars in Canada and ship them somewhere else, that’s a lot harder thing to get going than it is to sit in some little Third World country, develop a virus and release it on the Internet and basically cause a huge amount of damage.

So, at every level, from global – I’ll call it treaty level – discussions down to very local questions of law enforcement, we have essentially no legal deterrent in any of these areas now, or substantially none.

There’s another set of issues that have to come into balance. Again, if you use the car analogy, we actually have steering column locks, keypads on the doors. These are what I call technology deterrents. They keep you, you know, they make it harder for you to steal the car. But you can’t really depend only on that. You need this value, between most people who grow up being told by Mom and Dad you shouldn’t steal, and then just to make it harder, we’re going to put locks on things. And then to really make it clear that you shouldn’t, we’re going to tell you that if you do this you go to jail.

We don’t have that equilibrium in cyberspace in many areas, so Microsoft has been leading in the United States in writing new legislation around spam, for example. We’ve been working on new issues around security and cyberprotection and policing, and I think these are all issues that have to be addressed.

Perhaps the most important thing, though, is if you buy the thesis that we’re about to change to a new model of how you use computing — that it’ll be pervasive, it’ll be just about every aspect of your life — then it becomes imperative that every country have a strategy to develop a local software economy. What that means is the next generation using the stuff won’t be in businesses with pre-canned applications being the fundamental driving force. Today, there are millions of applications that were written for desktop computers and server machines, and they’re deployed largely in the enterprise, but now we’re putting it into everything. And there’ll be a new generation where everything outside the boundary of your historical enterprise wants to be mechanized or automated in terms of the interaction between the two. And the technology allows that.

To get the economic benefit of that will require that in your country, there are businesses who make software for the local market, that do it against the local laws, custom, language, alphabet, whatever they are, and are not as generic as some of the apps that have dominated in the days gone by.

But for that to happen, you need some things to be really clear and functional that are largely in disarray today. The first of those are intellectual property rules and the enforcement of those laws, too. They’re equally in a sad state of affairs in most parts of the world today. And, again, it’s another place where the ability for people to essentially take your intellectual property and take it out of, let’s say Canada is very good, just as it’s easy to produce things somewhere else where there is no intellectual property regime and then decide they want to bring it into Canada in order to maximize their revenue. And the same holds for the United States and many other countries.

If there is no intellectual property rules — and we don’t, as a society, get more serious about it — I have great concerns not only about the future of the software business at large, but I think what you see is the pure intellectual property businesses, like Microsoft, is just the pointy end of a bigger problem. Today, a classic example is the music industry, globally, which is in serious decline largely due to piracy. Why? Because suddenly the network and the computers, without these other things being in place — the legal deterrent, the technology deterrent — have largely created a sense of entitlement in the kids, and even the older people who say, ‘Hey, I’m entitled to that music. It’s just a bunch of bits, why can’t I have it?’

In essence, Mom and Dad aren’t growing up telling people – their kids – that it’s wrong to steal music, that people whose job it is… I was at the World Economic Forum this year, and the guy running one of the panels on intellectual property, who was head of the department at Yale University, and he had to admit, under questioning, that his kids basically were pirating music, and that he did not feel that he could tell them that they shouldn’t be doing that.

And you know, that’s just a massive failure of people to understand what the future economy really depends on. It’s all about these ideas and the commercialization of them.

So the elites have just as big a problem telling their kids not to do it when they can’t tell them what the right thing to do is, as anybody else does. And I contend that that begs the question, I’ll say, around education. You know, to have a local software economy, to have all these things work, we’re going to have to educate more people.

Mark and I were talking just before we got up here that our society today basically celebrates rock stars and sports figures to an overwhelming degree in comparison to celebrating engineers and scientists. They get no prominence. Maybe in Canada, I don’t know in the United States we give one national technology medal per year, and how much publicity does that get?

And unless we do something to cultivate more people to believe that this is how the economy is run, and it is in fact making the mechanism that allows music stars and sports people to be viewed on television, we’re going to have a serious problem.

In countries like Canada and the United States I’m particularly concerned simply because I believe we’ve become largely myopic. We enjoy the luxury of 5 percent of the world’s population and 35 percent of the world’s GDP. And other countries are very intent on reducing that ratio, and yet I see most of the policy makers focus a lot more on what they think their own incremental problems are in the country at home, and not really understanding the degree and the intensity with which the world has become a globalized environment, and that other places who have significant assets, like China and India, just in a human resource sense, are very dedicated to the question of ratcheting up their capability.

Interestingly, in those countries there’s a lot less celebration of athletes and movie stars than there is in our country and culture, and the net effect is they’re producing, per capita, a much greater number of highly trained engineers and scientists. I’ve been a lot of times, now, in the last years, in China, and it’s really impressive what they’re doing. One of the things, though, that they realized: two years ago, the Chinese government wrote their tenth five-year plan. One of the top objectives they set for the government – the tenth five-year plan of the Communist Party – was the “informationization” of all the sectors of the Chinese economy. That’s one of the top stated objectives of the government. And they basically are now executing against that, you know, everything they need to do to vertically integrate, from transistors to space shots.

And then they realized they didn’t have enough programmers to take advantage of this capability. So last year they wrote a law, and signed it into effect, to put into place 35 de novo software universities. So if you aren’t really coming to grips with the implications, let me encourage you to think about it, because as a business who operates on a global basis, we’re both hiring those people and competing with those people. And I contend that every country that aspires to use their intellectual capital to both drive their domestic economy and have an export capability driven by IT is going to have to do more to think about how they compete in that environment, and on what basis.

So, there are just lots and lots of issues and challenges. How to create this local software economy, ensuring capital availability, ensuring that there’s enough intellectual property protection so that people who go into the software business, of writing the new applications, don’t find out that the people they’re selling them to are the kids who grew up believing they had an entitlement to free use.

I met with a bunch of EU commissioners earlier this year, one of whom had just been appointed to deal with intellectual property. And he was saying to me, somewhat woefully, that he’d looked at this question of music piracy and thought it was completely out of control in Europe, and so he decided they were going to crack down. So as soon as he started to put pressure on in order to change the laws and have enforcement, he started getting hate mail. He said what was really troubling was he didn’t just get hate mail from the kids, he got hate mail from other EU commissioners, who basically said, ‘Hey, it’s just music bits. Why can’t I take them?’

And so he realized then that he perhaps had a problem, because it wasn’t clear that the political will was there to actually go back and claw back the idea that music was an intellectual property asset that needed to be protected. And so, in these finely-tuned democracies where a few percentage of the population can persuade the vote one way or the other, what percentage of the population has to think that free music is an entitlement, free software is an entitlement? Where does it stop?

At APEC, I met with President Fox of Mexico. We talked about intellectual property, and he said he just had completed a study in Mexico and concluded 50 percent of all branded products that poured into Mexico were counterfeit. And he said that’s a serious problem, because one, whoever thought they owned that brand isn’t getting a lot of the money that they should be getting for the development of the brand, and whatever’s being manufactured and sold and imported, it isn’t getting taxed by any legitimate authority. So half of that total import economy is essentially operating in the black market environment.

I was in China recently, and I met with the general counsel of a major car company, one you all know well, and they would say, ‘We have a new problem. We spent a decade establishing our auto businesses, and we did it in partnership, the government endorsed it, and that’s all fine, but now, just down the street, a new car company opened up. You know what they make? They make a perfect copy of our most popular car. And you know how they do that? There’s all this new digital software copying technology for physical objects.’ So they take the car as soon as they make it, and they drive it into a room like this, and there’s a bunch of fancy white lights and lasers, and in a matter of seconds they’ve produced a 3D model of the entire sheet metal of the car. Then they disassemble the car, they put each part on the table with the scanner, scan it, and it produces a 3D model of the part.

They take that – it all fits on one CD-ROM – they go down … I’m being humorous now, but essentially they go back to their office, they get on the Internet, and they order up all the robots they need to run a factory. They come in crates, you unpack it, set up a factory, go out on the street, bring in all the people, take the CD-ROM, feed into the robots, and *zoop* what comes out? A carbon copy of the car. They build it in the same city, with the same labour, from the same materials, and they sell it for 40 percent less. Why? No R & D costs.

So I don’t care whether it’s software, music, videos, automobiles — pick anything — the digital world will clone everything. And unless we come up with a regimen that says we value it not only here but we value it on a global basis, then more and more of the economy will basically drift to the criminal element, the black market environment. And the companies who have the capacity to do this stuff today will not do it, because they won’t be able to do it.

That gives you another policy problem. I expect it’s pretty much the same here, although perhaps one of you would correct me, but unless you’re way different than the United States, the amount of pre-competitive research being federally funded in this country, I’ll bet you, is significantly less than it was twenty years ago. In the United States, it’s half. Half.

So who’s doing all the research? Well, basically a small number of big industrial enterprises. If you ask yourself who does most of the world’s advanced technology development in computers, well, if you took out IBM, Intel, Microsoft, maybe Cisco a little bit, on routing and comms stuff, most of it’s gone at that point. Four companies do most of the world’s development in information technology.

Universities have basically become places to teach programmers the computer science of the old style, and there’s almost no academic research that is actually pushing the frontiers of computer science, because they can’t afford it.

And so these, I think, are really important questions that you should all be asking yourself. Why? Even if I’m parochial about information technology, it’s a critical technology. The reason I can go sort of as Microsoft’s secretary of state — as I was called recently by The Economist magazine — why can I go around the world and meet with essentially prime ministers and cabinet-level people in almost any country? It’s because almost every country recognizes the dual role of IT. One, is it’s a big business in its own right, and one that tends to use a lot of smart people; but two, it is the key to driving economic productivity forward.

And I contend the equation nowadays goes a bit like this. If you get the IT right, then every sector of the economy gets better. That produces economic well-being, which produces political stability, which equates to national security. The equation used to go if you have a strong military you get national security. But even as we see in recent events, while you still have to have military capability, even the United States would tell you that their military, without IT, zip-po. I mean, how would they fight the kind of wars we’re fighting today? Smart bombs? What do you think aims those things? Listening to an infinite amount of intelligence around the world, how do you think that happens? I mean, you can’t operate without this stuff anymore, and it is going to be the key to, I’ll contend, your economic well-being, your political stability, and the by-product is economic well-being, and then ultimately your ability to compete.

And so, because of that, every government, they get it now. No one is confused that they have to have a strategy around IT. And bearing on their capabilities, and where they are in their economic cycle, there’s varying degrees of focus on these questions.

Anyway, these are my seven or eight favourite current-day policy topics, and I’d love to engage with you on those, or anything else that you’d care to ask about.