I had to bite my tongue and not comment on this tweet from FTC Chair Lina Khan, who tried to make the current CrowdStrike situation a crisis because of “big tech” and “consolidation.”
“How is it that you don’t understand systems, or their inherent complexity?”, I wanted to scream.
Well, if you give someone a hammer, everything looks like a nail. This lack of understanding of the complexity of our modern technology-reliant, digital-first world is why I believe we really need the Federal Trade Commission (and other regulators) to rethink regulation and regulatory frameworks.
CrowdStrike doesn’t quite fit the definition of a classic monopoly, but its impact, as shown by the widespread system failure, suggests otherwise. It isn’t the only service that helps guide the world in an invisible fashion. We need to rethink not only how we regulate but also what we regulate.
Khan’s tweet, like many others I’ve seen in the wake of this week’s CrowdStrike crisis, only reinforces my hypothesis that with the abstraction of core technologies into buzzwords, most people involved in the technology ecosystem don’t quite understand the complexity of digital systems.
I can certainly understand that a layperson doesn’t comprehend the complexity of technologies that touch their daily lives, but this lack of comprehension is widespread and deep among those who are important part of the technology ecosystem. Technical ineptitude afflicts everyone — from politicians and bureaucrats to company leaders and media (including the media covering technology).
Five years ago, in his essay about the need for systems thinking, Adam Bly, founder of System (a True Ventures-backed company), pointed out that complexity is “an impossibly large network of interacting components, without central control, whose emergent behavior is much more elaborate than the sum of the behaviors of its individual parts.” He argued that we are “nearly at, the point where every world problem is intractable in isolation.”
With technology, you could see it coming. A decade and a half ago, I bemoaned that Facebook Login could become a single point of failure for many internet services. I wasn’t trying to be Cassandra — instead, I was just highlighting the ever-increasing risk in the system. Facebook’s login failures have disrupted the internet on multiple occasions. With increasing frequency, we are reminded of this interconnected complexity and the growing magnitude of risk and failure.
Fat fingers or a single line of errant code can bring down a telecom network. A misconfigured address on routers can bring the entire internet to a halt. When Amazon’s cloud goes offline, almost half the world’s internet offerings go on the blink. It seems that the timeless “six degrees of separation” adage applies to machines and software as well.
We are living with an interconnected digital nervous system. The big question to ask (and answer): How do we think of risk and resilience in our highly connected society? Perhaps we should start by ensuring everyone from regulators to media to technology buyers becomes well-versed in understanding the underlying technologies. Otherwise, we will have more CrowdStrikes, ensuing faux outrage and jingoism.
July 20, 2024. San Francisco