US-China Internet Industry Forum 2009

• Thank you Fengming, and thank you all for joining us this morning. I’m delighted to be here in San Francisco for this third U.S. China Internet Industry Forum. I hope that our discussions during the next two days will enrich our mutual understanding on a broad set of Internet business and policy issues.
• I’m Craig Mundie, Chief Research and Strategy Officer at Microsoft. Those of you who have participated in previous events know me, but we are fortunate to have some new participants this year and, of course, on the US side we have a new Administration.
• So let me first say a bit about this event, why we think it’s important, and why we’re so pleased you could join us.
• Some time ago, I had a conversation with Vice Minister Cai Mingzhao and we hit upon the idea of creating an informal dialogue between the US and Chinese internet communities – to explore common challenges and areas of difference, and to identify opportunities to improve cooperation and alignment on policy issues.

• There are at least three reasons for this kind of event:
• First, we all share the goal of furthering the potential of the Internet. We may have different visions of what the future of the Internet should look like, but we all benefit from the connectivity and capabilities the Internet offers.
• Second, the US-China relationship is critical for each of us, and for the world. The US and China are the world’s two largest Internet communities, and our policy choices impact hundreds of millions of users. Direct engagement benefits everyone.
• Third, there is a fair amount of misunderstanding and polarizing rhetoric about the US and China and the Internet, in various policy areas. We don’t expect to resolve all these differences, but we can – and must – take a collaborative, open approach.
• In that light, the goals for this dialogue between industry, government, NGOs and academic leaders remain much the same as previous years:
• To review Internet trends in the two largest Internet-using nations in the world.
• To discuss Internet technology, business, policy and social developments that will shape the future – and help solve some of the world’s biggest problems.
• To discuss candidly a few of the major challenges the Internet faces.
• To build confidence, understanding, relationships and a platform for dialogue that will live on and thrive beyond this meeting.
• But we also envision discussions that will go beyond these categories, spanning business models, security, privacy, identity, borders, policy and regulation.

• To match the diversity of topics, we’re very pleased to have a diversity of participants.
• While Microsoft and the Internet Society of China are facilitating getting us all together, this truly is a pan-industry, bilateral forum. In that sense, this is your Forum as much as it ours; we encourage you to make the most of it, to share your perspectives and learning, and to take advantage of the panels and time for interaction to build personal connections in an informal way, particularly with our Chinese guests who have graciously traveled here to San Francisco.
• We also know that our US colleagues have a lot to offer to this dialogue and mutual learning process. We’re delighted to have the engagement of academics and Internet NGOs as well.
• We are especially pleased to have senior officials of the US government here at the Forum. Particularly with respect to policy matters, it is crucial that the two governments lead, setting a direction for engagement on policy matters, identifying opportunities to work together on solutions, and ensuring that industry, academic, and NGO perspectives inform the policymaking process.

• With that, then, let me share a few of my own observations about where we are with respect to Internet policy and technology issues.
• My job at Microsoft is to envision where technology will be going in 5-15 years from now – and, in many ways, the goals of this forum are to ensure that there is a policy and business environment that makes these advances possible and useful.
• The Internet has vast potential to stimulate economic growth, solve societal problems, and enable governments to expand services to citizens. The equalizing power of the Internet enables individuals to share information regardless of boundaries – whether geographic, linguistic, cultural or political.
• We are rapidly moving into what I call the “client+cloud” era, where intelligent client devices will work seamlessly with vast online databases to get you the information you need, wherever you need it. This will also bring computing power and services to hundreds of millions of people who in the past had no access to them.
• We’ll also see new ways of interacting with computers, a natural user interface or “NUI” that embraces gestures, anticipatory computing, expressive response, contextual and environmental awareness, and immersive 3D displays. NUIs will help “break down the barriers” between technology and users, making computers easier to use even for those who haven’t interacted with them before.
• And, increasingly, computers will be able to work on behalf of users, rather than just at their command.
• For these scenarios to develop, we need to improve the Internet infrastructure. Not only in terms of bandwidth and network processing power, but in terms of other fundamental aspects of the Internet such as security, reliability, and privacy.
• The key traits that make the Internet so robust also make it so attractive for exploitation by criminals—global connectivity, anonymity, lack of traceability, and valuable targets.
• We know that many of the industry participants in this Forum are investing more in network security, and that’s very important to do. But we also need to fundamentally change the game in terms of how we tackle the problem.
• The history of computer security shows that offense will beat defense in cyberspace because attackers have an abundance of time and resources, and may only need to find one weakness, whereas a defender must cover all avenues of attack.
• Most cybercriminal schemes are successful because people, machines, software, and data are not well authenticated and this, combined with the lack of auditing and traceability, means criminals will neither be deterred at the outset nor held accountable after the fact.
• Thus the answer must lie in better authentication that allows a more trustworthy Internet, and audit that introduces real accountability. This will require us to work collaboratively, on a “supra-national” basis, recognizing the global and interconnected nature not only of the Internet, but of societies, capital markets, IP and inventiveness.
• We need to make careful choices so that we end up with the Internet we want, one that empowers individuals and businesses, protects the social values and freedoms we cherish, and provides a firm foundation for the advances that lie ahead.
• In other words, this work involves the very kind of dialogue we are having today.
• Let me then take the remaining few minutes to elaborate a bit on this and show what I think we can achieve in terms of social benefits by committing ourselves to improvements in Internet authentication and trust.
• Let’s take healthcare as an example:
• The Internet affords tremendous potential to “scale” a medical practice to reach patients who might otherwise not have access to medical care. For example, we’re developing a robotic health kiosk for use in emerging markets where families don’t have access to a doctor. The robot health assistant can make basic diagnoses and figure out when a patient needs to see a human doctor.
• Working with Microsoft Research, researchers at the University of California at Berkeley have also developed CellScope, a low-cost, clinical-quality microscope that can be attached to a conventional camera cellphone.
• Also in collaboration with MSR, researchers at Edith Cowan University in Western Australia are developing an affordable, mobile fetal-monitoring system that can be used with Smartphones.
• Such innovations will dramatically lower the cost of providing medical care in a field environment, thereby increasing access. They also have the potential to contribute to breakthrough solutions to healthcare, education, and climate change problems, and to enable multidisciplinary solutions to some of the world’s greatest challenges.

• To apply these innovations in a manner that maps to fundamental fairness, privacy and user trust, we need to be sure that sensitive medical data is handled in a secure manner, and shared only among the proper parties. Data governance is part of this, but so is authentication and identity.
• Using today’s technology, we could develop a system of digital “smart” cards, which would extend the usefulness of our ordinary plastic ID cards to the Web. These digital IDs – which could also be embedded in a device as secure digital credentials – would enable consumers on the Web to access their health records, apply for a loan, or chat with friends and family with a similar degree of ease, privacy and security they enjoy in the physical world.
• We think this type of system should eventually replace the current complex and less secure system in use on the Web today, which relies on multiple login ID names, passwords and shared secrets – all of which can be more easily compromised.
• To do all this, we will need to ensure that we also address privacy not only in the health care data systems, but in the identity system itself – how we architect it, how identities are created and issued, and in the rules that govern access to identifying data. That is a shared challenge for industry, government, and civil society to meet.
• In case there is any confusion, let me be clear that none of this means options for anonymity online should be abolished. On the contrary, anonymity is important in many contexts, including free expression, and should be protected through both technology and policy. In the right situations, people should be able to choose if they want to be anonymous or identified (in whole or in part), and for what purpose.

• This is just one example of the type of business, technical and policy challenge that confronts our two Internet communities; there are many others, such as addressing the safety of children online, protecting intellectual property, investment and innovation, ensuring the free flow of information and expression, and working together to tackle cybercrime.
• To meet these challenges, and thereby create an environment where these technologies can reach their full potential, we must move past polarizing ways of interacting, and commit ourselves to exploring our concerns, thoughts, and perspectives in new and more productive ways.
• As I noted at the outset, we don’t expect to resolve all of our differences, but we do hope to find many areas of collaboration and cooperation, and moreover, we can and should agree on the type of approach we’ll take to this dialogue.
• At Microsoft, we orient our work around a few core values; among these are that we will be open and respectful – meaning we will listen, and consider other points of view. And we will be self-critical and questioning, which means we share information – on both strengths and weaknesses – to help us improve. Those values have worked well for us as a company, and they seem to be good principles to apply here as well.
• This morning’s keynotes are designed to set the stage for serious, candid discussions in the panels this afternoon and tomorrow. We would also like this Forum to set the stage for some additional next steps:
• First, we should agree to convene a Fourth US-China Internet Industry Forum in China in 2010, and secure commitments now from industry, government and others to participate.
• Second, working with both the US and Chinese governments and a broad set of stakeholders, we should establish a regular channel, including online resources in both languages, to exchange best practices, research, technology insights and other information on increasing safety for children online. This should include strong considerations of ways to increase the availability to parents and guardians of tools for child Internet access protection, in keeping with the commitments of both countries to market access, free trade, and technology engagement.
• Third, dialogue on improvements in privacy protection laws should be extended to ensure that both the US and China are working to increase the level of user trust in the Internet. The APEC privacy framework, for example, is one foundation on which we can build. International and multi-lateral privacy business and discussions should also be leveraged.
• Fourth, dialogues and cooperation between US and China in the area of Internet IPR protection should be strengthened. Steps should include exchanging best practices, and improving the policy and technical environment for the enforcement of intellectual property rights, incorporating due consideration for legitimate interests, including fair use; and in enforcement actions that ensure fair process and respect for user rights.
• Fifth, the cross-border framework to address cybercrime should be strengthened, including continued government support for the Joint Liaison Group and other cooperative efforts at criminal enforcement, but also industry exchanges to expand understanding of open, interoperable, and effective ways to improve authentication and identity management online, reduce identity fraud, and protect user privacy.
• We have a great deal of work ahead of us, but I know that this Forum will be productive. I look forward to spending time with you and to developing a concrete set of action steps that we can work on together in the new year and beyond.
• I’d now like to introduce Gao Xinmin, Vice Chairman of the Internet Society of China.