Countless companies around the world have developed and perfected sophisticated and multifaceted algorithms which are the intellectual property (IP) lifeblood of their business. Imagination and innovation have enabled thousands of these companies to conquer the free market and be prosperous. In the US, however, that extremely valuable commodity—intellectual property—could be jeopardized if a government agency (ironically, the Commodity Futures Trading Commission—CFTC) succeeds in doing what they propose.
Just think about how our world has changed with technology making our lives more efficient and effective due to sophisticated technological IP used every single day. Things we take for granted like a simple Google search use these proprietary algorithms—the underlying heart which is based upon something called “source code”. It is that source code (developed, many times, over years and costing millions of dollars) which makes things like weather forecasting and traffic predictions possible. It makes on-line shopping more convenient and expedient, and it provides health and safety protection to our citizens. Going into the future, source code will be utilized in digital currencies and block chain applications, drones, self-driving cars and many other facets of contemporary life.
Source code is also used in financial markets, which is where this little commodity agency that not many people know, comes into play. The CFTC has proposed that proprietary source code (even if protected by intellectual property and trade secret rights) be given to the government upon request as part of the regular books and records available for inspection. Source code is not only used by traders, banks and others to implement their many market methodologies, but by trading venues like the Chicago Mercantile Exchange (CME) and the New York Stock Exchange (NYSE) which provide the intensely intricate and important backbone fundamentals of our modern financial system.
The major problem with the government getting a hold of this highly-sensitive, proprietary source code IP is that it could be stolen or otherwise compromised in some fashion. Such a risky policy prescription could place at precarious peril the essence and basic existence of a company.
Why should companies trust government with such sensitive source code IP data? They should not. We have witnessed many cyber-attacks, hacks and the outright stealing of sensitive information from our government.
Even after repeated warnings of persistent system vulnerabilities and/or failings, last year the US Office of Personnel Management (OPM) was hacked and the criminals accessed 21.5 million records. I am, unfortunately, one of them. And, it wasn’t just simple DOB and Social Security data that was accessed. Those in highly-sensitive and national security-related jobs (like the one I had) file a Standard Form (SF)-86. The hackers had access to the SF-86s which include deets about financial holdings, family members and friends. No matter, the government offered a free credit score checking service (how nice!).
The OPM hack wasn’t the only security breach, of course. In fact, even the very Agency—the CFTC—which seeks to have access to source code was hacked in 2012. I was lucky, yet again. As a CFTC Commissioner at the time, criminals had access to my personal and sensitive private deets. At the time, we believed the data breach was limited to the roughly 700 CFTC employees, but we all knew that it would not have been a far fetch for the hackers to gain data and details on traders or exchanges. That is exactly why the CFTC’s current source code proposal is fundamentally fatally flawed.
Oh, and by the way, in recent months the Federal Reserve, Federal Deposit Insurance Corporation and even the Internal Revenue Service were all hacked. Can government keep data safe and secure? Sure. Not!
The adoption of the CFTC regulation would set a horrendous precedent for all company IP. After 30 years in government, one thing I know for sure is that if one department or agency institutes a policy (like having access to source code IP)…watch the heck out! Another, and another and another…will soon follow.
If companies want to ensure their source code IP is protected, they may take notice of this seemingly small, innocuous proposal. If there is an opportunity (which there might be) they may seek to have their voices heard.