Economics

The Scale of Victims

by

(This column is posted at www.StevenSavage.com, Steve’s Tumblr, and Pillowfort.  Find out more at my newsletter, and all my social media at my linktr.ee)

It sure seems there’s a lot of IT security breaches lately. In fact, it’s to the point where I can’t remember which one inspired this column. It’s probably just as well, since you can map whatever horrific violation of privacy you heard of this week onto this column. There, I’ve sort of written something relatively timeless because people are dumb.

One of the things I wonder about is why more CTOs, CIOs, and so forth aren’t being taken to court, followed by reporters, and in general held freaking responsible for their companies having lousy security. Yes there’s all sorts of shielding from accountability, but you think we’d see some effort, but I think one thing protecting them is that the company is seen mostly as a victim.

I’d argue that’s technically right, the companies were attacked by some external force. But treating companies as equivalent of people ignores their responsibilities. People, individual moral agents, can be victims, but corporations are not people and not moral agents, and treating them as victims like people lets them out of responsibilities. Sorry, Mitt Romney.

Think about a person who is a victim of a crime. Though people often try to blame victims, those blamers are usually both wrong and assholes (and sometimes justifying their own crimes). A person who is victim of a crime is a victim in that someone else chose to behave criminally.. Even if said victim enhanced their own danger it doesn’t remove the culpability of the criminal, who violated social and legal norms that people are expected to follow.

When I watch people shrug as corporation after corporation has customer records placed on the dark web, I see comments about how crappy their security is, but it doesn’t seem particularly judgmental. This impresses me as an echo of the don’t-blame-the-victim mentality.

But corporations are groups of people – organizations. That organization makes certain agreements and promises in order to exist. Security of data is, obviously, part of them. If one’s data is breached, despite the criminals actions, you also take responsibility as you are responsible. If you’re leadership, you should be on the line because you made a promise that this probably won’t happen.

Organizations are about promises and responsibility. Screw that up, and no matter why, someone has to pay as your failure hurt the organization and the people involved. You don’t have to restrain yourself on going after the people who did the actual crime, but corporations have made promises. If you can’t keep them, you’ve got a problem.

In fact, I’d say a corporation that suffers a data breach or similar failure must be investigated to see if it violated social norms. If the corporation made guarantees it could not and did not keep, if good faith effort was not made, the corporation was responsible. There is a failure of the company that echoes the action of the criminal, it too violated norms.

Of course we all know that if we at all ask this we’ll find a lot of corporations have done terrible at security. It’s all cost cutting, half-assed integration, and big bonuses. A lot of companies, if they were really investigated for security problems, would be locked down and sold off for being terrible.

(And yes, I work in Healthcare, which has insanely strict rules, but everyone should for everything, and we remember that these rules protect people.)

We don’t need to act like corporations are victims like people. If they can’t keep their promises, if security violations reveal they’ve done a poor job of protecting people, they’re part of the problem. Some of them should pay. Some shouldn’t exist.

Steven Savage

Climate Change as Investment Opportunity

by

As I look at weather predictions, I’m obviously concerned about climate change. I have a bugout plan if it’s necessary to move to avoid severe climate issues. I work in an area (medicine) where climate change affects everything from what patients you see to worries about new diseases to supply change disruptions. Also I’m pretty damn upset with people dying because we were greedy and stupid.

But one thing I think we should be ready for is that people are going to see Fighting Climate Change as an investment opportunity.

Just look at the way money got poured into AI/LLMs in 2023-2024 (when this was written). Take a look at investment fads as people seek the latest thing (and a quick payout). I’ve sometimes wondered when we see the next big economic bubble pop, and other times I wonder if we’ve got so many bubbles popping all the time but don’t notice as the money is already moving on.

That leads me to climate change. Because that’s not just a crisis, but also solving the crisis is going to be seen by some as an opportunity. If you can help people navigate climate change, then someone is probably going to desperately hand you cash – probably a government or ten.

But there’s more! People will want a fast solution to climate change, or at least something that gets them re-elected or brings in cash. That means people will propose fast solutions to climate change problems, and many of those sound high-tech and cool, and that will have many people interested.

Geohacking is going to definitely get attention. Carbon fixation and atmospheric scrubbing is going to get a look. There will also probably be assorted insane plots and suggestions. At least one moron will try to find a way to move entire cities underground or something.

All of these are cool and promise fast (well on some scales) solutions. People love that.

Do I expect this to help climate change? On the whole, no. It’ll just be another investment opportunity, a chance for scammers, and a hope for an easy solution. Climate change is a larger systemic issue and it won’t be solved easily, even if you can safely hack the atmosphere.

Instead I expect it to create scams, mistakes, errors, possibly even disasters. People will smell money, people will see potential stock increases, and that will bring in money and people who want a profit. It will also result in eventual collapse and people moving on to other markets.

It’s my hope that this inevitable scammy, inflate-the-stock type crap is limited and controlled. It might even let us drive real solutions. But there’s going to be all sorts of opportunism in fighting climate change, and we have to be ready for it.

. . . and that is a depressing set of words to write.

Steven Savage

No Sympathy For Tech

by

So as you may have just seen, some insiders at big companies (Zuckerberg, etc.) sold off stock. That tells me the sign that things are slowing down in tech. Well, one of many signs:

  • Everyone’s all in on AI, which means that there is going to be some shakeout when it doesn’t all work out.
  • Plenty of sites that are a little unstable, like ol’ Kotaku’s pivot (ha!) to guides.
  • Whatever embarassments crypto still holds for us.
  • Venture Capital looking for quick profits (See Ed Zitron’s latest).

This tells me that at some point we’ve got a shakeout in tech. As in something bad – and something earlier than I expected. This isn’t a surprise – for the last six months I’ve seen people make predictions that boil down to some combination of:

  • A big name takes a hit.
  • A lot of not-as-big-names fail because of a mix of bad ideas, low ad rates, and so on.
  • AI doesn’t pan out like people hope.
  • General enshittification.
  • VC money moves away fast.

I’ve been trying to puzzle out what’s going to happen myself. But there’s something else I want to address – how people react. See, I think there’s going to be little sympathy, and plenty of schadenfreude when the inevitable “big fall” happens.

People regard tech different than they did ten years ago or twenty years ago. Sure there’s some interesting stuff, but it’s often pricey, questionable, or not much more beyond interesting. Beloved sites are enshittified. Nothing seems new, often because it’s not.

Gone are the days of breathless waiting that felt like there was something worth waiting for. Ads are everywhere, websites are overclogged, products might be fourth-rate knockoffs with AI generated images. New gizmos ape SF concepts while planned obsolescence takes the fun out of the new. Annoying bad features are a joke among social media users.

A friend of mine of well over two decades has noted they feel things were better back when we first met.

So when the “big fall” happens, in whatever forms (I expect a kind of cascade collapse), I think people won’t care and many will enjoy watching things burn. When they do care it’ll be more how they’re personally impacted for obvious reasons – but there’s so much less “loving tech together” these days.

That’s also going to make everything from economic recovery to new products to potential government regulations harder to predict. Watching people fall out of love with tech (and tech has done plenty to shoot itself in the foot) isn’t quite like anything I’ve seen in my life except one thing.

Watching how the reputation of smoking collapsed in my lifetime. No, it’s not exact – tech has benefits smoking’s benefits were mostly social, but still the “feel” is there.

Perhaps that’s something for me to explore later. Just writing the above was exhausting, because so much has changed over the nearly three decades I’ve been in tech. Looking back over half my lifetime feels like several.

Steven Savage