#80 Innovation, Capitalism and the Evolutionary Process
Reimagining Innovation Policy in Terms of its Positive Externalities Through Spillovers in Society; A Breach in the Commons
Today, Arindam Goswami ruminates on the future trajectory that India’s innovation policy must embark upon if we are to see meaningful positive changes in our R&D figures. Bharath Reddy comments on the recent xZ Utils backdoor controversy that has shaken the open source software community, highlighting some recommendations from Takshashila's proposal for an open source strategy for India that can mitigate such risks.
Also,
We are hiring! If you are passionate about working on emerging areas of contention at the intersection of technology and international relations, check out the Staff Research Analyst position with Takshashila’s High-Tech Geopolitics programme here.
Technomachy x Cyberpolitik: Reimagining Innovation Policy in Terms of its Positive Externalities Through Spillovers in Society
— Arindam Goswami
It is imperative that we totally change the way we look at innovation in India. It cannot be a top-down, government-driven approach anymore. The paternalistic, mai-baap approach so integral to how we approach anything to do with public policy and government, also extends to our innovation policies. We’ve tried that in India, and it has failed spectacularly, as can be seen in our R&D numbers.
Rather, as Richard Nelson said in “Capitalism as an engine of progress”, we need to look at innovation as an evolutionary process, which will inherently be wasteful in that it will generate many alternatives, and much of the work will be discarded eventually. That is how innovation is very similar to capitalism and the evolutionary process. Variation, survival of the fittest, and natural selection are concepts that cut across all of these processes. If we obsess over what looks like wastefulness, we will never truly understand the positive externalities involved in the spillovers that research can provide to society when it is truly diffused and bottom-up.
As Naushad Forbes writes in this article, pursue excellence and not relevance. “The Idea Factory: Bell Labs and the Great Age of American Innovation”, a wonderful book by Jon Gertner, also talks about this. While the research at Bell Labs had a general direction, it was still very open-ended and gave a lot of freedom to pursue ideas. The process of innovation and discoveries is often serendipitous. Alexander Fleming and his discovery of penicillin is one example of this. The 3M scientist, Spencer Silver, discovered a weaker adhesive that became Post-Its while searching for a stronger adhesive. Market-determined innovation will find its way to a spontaneous order through the invisible hand of the market, as Adam Smith and Hayek have said so very eloquently about markets. Through human action and not human design, will we get a more efficient allocation of innovation resources, to use the analogy of Hayek.
This is not to say that governments don’t have an important role. But we have to reimagine that role against the above background. As Ajay Shah, R. A. Mashelkar and Susan Thomas write in their interesting paper, private persons tend to under-invest in innovation because they don’t correctly value the positive externalities of the spillover of knowledge into society. Governments, therefore, need to invest in innovation by raising tax revenues. It then becomes essential to organise this public spending in a way that knowledge and innovation permeate into society and raise its capabilities instead of just the capabilities of government organisations.
They, therefore, argue for “a reorientation of public spending on innovation: away from building vertical government organisations, and in favour of a contracting-out strategy.”
Contracting out to universities and profit-motivated firms brings about positive spillovers in the form of knowledge diffusion and commercial applications. To build a case for “buy” as against “make”, they give, among many examples, the example of NASA (buy), 80% of whose budget is contracted out to private entities, as against ISRO (make), which spends most of its budget on growing its own capabilities. The gains from a buy strategy are reflected in the outcomes in terms of patents and products.
A contracting-out strategy would require substantial changes to our procurement processes. As Ajay Shah and others propose in the paper cited above, this would require changes to the General Financial Rules (GFR), the founding documents of innovation organisations such as the Defence Research and Development Organisation (DRDO), the creation of new rules, and changes to internal manuals for procurement. We can learn from the best practices followed by NASA, National Institutes of Health (NIH) in the US, French defence procurement, ‘New Millennium Indian Technology Leadership Initiative’ (NMITLI) program at the ‘Council of Scientific and Industrial Research’ (CSIR), which in a way pioneered this mechanism in India. In our procurement processes, we need to have multiple competing teams and different forms of contracting that acknowledge the different risks and complexities involved in innovation processes, as well as the benefits of private management and autonomy.
Contracting with universities (public and private), private research organisations, and private firms is a complex process, and the procurement officers need proper, recurring training to handle it properly. Research requires time, and failure is inherent in this. Our institutions and process should be able to, therefore, judge “success” with a high enough tolerance for failure. Worth exploring is NASA's way of evaluating some contract performances and whether “good faith” efforts were made to complete the project instead of just completing the task. This would require significant maturity of the judicial and arbitration mechanisms, too, to recognise the intricacies of this approach.
Contracting should be based on what NASA calls the Technology Readiness Level (TRL). At each level of maturity of knowledge of different parties, different types of contracts are used, ranging from high-level design contracts to detailed implementation contracts. Monitoring of the research should be done by scientists and not bureaucrats, through possibly peer review processes, while trained procurement professionals and legal experts should monitor the procurement and contracting process. All contracts need not be awarded based on competitive bidding only – this recognises the important principle that the measure of success of a contract is not its cost but its contribution to knowledge and innovation in society.
The legal basis and fundamental document for government contracting in India is the General Financial Rules (GFR), and the Federal Acquisition Regulation (FAR) is analogous to that in the US. FAR has some interesting features that allow for risk management through contracting, which India can adopt, like:
Awarding contracts to multiple organisations to meet the requirements of a single solicitation.
Procurement officials can choose between four types of contracts: fixed–price contracts, cost reimbursement contracts, grants, and cooperative agreements.
Each of these has different risk and oversight mechanisms, involvement levels of the procuring party, payment mechanisms and success evaluation parameters. Rule 225 of GFR says that cost-plus contracts are to be ordinarily avoided, which should change because these contracts allow the supplier to take more risks as they know their costs will be reimbursed, and their success will be evaluated based on good faith efforts rather than strictly on project completion. This can run into some problems, especially in the Indian scenario, due to the threat of accusations and investigative agencies of the state; we need to guard against such hounding by the state.
The paper cited above is well worth reading to dive into all of these details. We would not go into all of those details here. However, it suffices to say that this paper makes a very valid case for the contracting out strategy. Its primary argument is that a private firm getting a research contract and standing to gain via intellectual property rights, commercial benefits, fees and royalty payments, equity investments, etc., will invest all its energy into making it a success, thereby reducing the problems of failure and research malfeasance, and advancing the positive externalities of innovation.
Also tying in well with these recommendations is what the Centre for Technology, Innovation and Economic Research (CTIER) says in its handbook.
“The Indian government spends a reasonable amount on publicly funded R&D, around 0.4 percent of GDP to a world average of 0.5 percent, but it does so in the wrong place. Over 85 percent of publicly funded R&D is done by the state itself in autonomous government laboratories. World over, almost without exception, when the state funds R&D, it does scientific research in the higher education sector and technological research (especially for defence) in industry… Much can be gained, then, by following the world and shifting the lion’s share of publicly funded research to the higher education sector.”
This handbook is a treasure trove of data about private sector R&D and some interesting articles and perspectives. Public policy students and practitioners interested in innovation policy would do well to read it.
India is set to host the Quad Leaders' Summit in 2024. Subscribe to Takshashila's Quad Bulletin, a fortnightly newsletter that tracks the Quad's activities through the Indo-Pacific.
Your weekly dose of All Things China, with an upcoming particular focus on Chinese discourses on defence, foreign policy, tech, and India, awaits you in the Eye on China newsletter!
The Takshashila Geospatial Bulletin is a monthly dispatch of Geospatial insights for India’s strategic affairs. Subscribe now!
Cyberpolitik: A Breach in the Commons
— Bharath Reddy
A few days ago, Andres Freund, a Microsoft developer, revealed that a backdoor had been planted in xz Utils, a widely used open-source data compression utility software. The sophisticated attack, which had been years in the making, could allow the hacker to do just about anything, including installing malware or stealing encryption keys. What is unique about this attack is the sophistication with which it exploited a vulnerability in open-source projects.
Credit: XKCD
This widely referenced XKCD illustration highlights two important facts.
First, open-source software is a building block for most of the software we use - both open-source and proprietary. It is estimated that 96% of all code bases include open-source components. Second, open-source is often maintained by individuals or small groups of individuals and long-term maintenance is often a challenge. These individuals often start these projects to address their own needs, but as these projects become widely adopted, the maintenance burden becomes significant and is often a thankless job.
The recent attack targeted a lone developer, Lasse Collin, who was the longtime maintainer of xz Utils. Many new users claimed that Collin hadn’t been updating the software frequently and bullied him into handing over the responsibility to Jia Tan, who had recently started contributing to the project. What followed was the planting of sophisticated backdoors, which eventually made their way into other software that used xz Utils. The backdoor itself is quite complex - it was planted over many commits and executes in many stages as well. This infographic by Thomas Roccia illustrates the complexity of the attack.
Open-source software suffers from the tragedy of the commons—it is widely used, but the maintenance burden is on a few. This attack exploited the human weak link by harassing the project's lone maintainers into giving up their control.
Takshashila's proposal for an open source strategy for India includes measures to mitigate some of these concerns. A key recommendation is that governments fund maintenance and security support for widely used open source projects through recurring grants. Considering the wide usage of open source software, the positive externalities from such an initiative could exceed the costs involved.
Another recommendation is to require that software developers disclose the open source elements they use by including a software bill of materials. This would assist in identifying supply chain vulnerabilities should these components be affected by security breaches.
Lastly, it is also important to acknowledge that despite the serious security breaches, it is possible to identify these vulnerabilities because the code is open source. The code is free for others to use, copy, study, change and redistribute. While some vulnerabilities need to be addressed, openness and freedom are also its biggest strengths.
Admissions are now open for Takshashila’s Postgraduate Programme in Public Policy. This comprehensive, multidisciplinary, and entirely online 48-week program is tailored for those aiming to delve deep into both the theoretical and practical aspects of public policy. Apply by 22nd April to avail yourself of the Early Bird Deadline (10% scholarship)!
What We're Reading (or Listening to)
[Podcast] Assessing India's Potential in Global Semiconductor Value Chains ft. Stephen Ezell, Satya Sahu
[Opinion] A practical agenda for India-Australia semiconductor collaboration, by Nadia Court and Pranay Kotasthane
[Opinion] Contemporary Dynamics of an India-Taiwan Partnership, by Anushka Saxena
[Article] Centre hands over 62% of new Sainik Schools to Sangh Parivar, BJP politicians and allies, by Astha Savyasachi