New Products, Emerging From Chaos
In a trenchant comment on “Secretly Admiring,” Victor Lighthill writes:
Not to disrespect Ron Rivest or Credentica’s Stefan Brands, but patenting your ideas in crypto is, historically, a great way to ensure that it takes them 15 years to go from concept to use.
While there may be important grains of truth in this, and while I’ve railed against patents, and think the system is substantially flawed, I don’t think patents are the mainstay of what holds back new products.
When someone invents something fundamentally new—and much of what’s invented in cryptography does enable substantially new ways of allocating risk—the new idea needs to be the subject of experimentation. Much of this experimentation takes place in thought experiments and little prototypes. Some of it takes the form of startup companies trying to find the right combination of features to wrap around the core of it to bring something new to the market segments Geoff Moore calls ‘visionary’ or ‘early adopters.’ He spends much quite a few pages considering how companies can go from those markets to the ‘early mass market.’ (I shall now dramatically oversimplify his work in “Crossing the Chasm” and “Inside the Tornado.”)
Much of the transition involves creating a set of circumstances, including successful deployments in specialized markets and generating ‘recommenders’ who will advise others about their success with your product. All of this takes both time and money. It requires luck. It requires a vicious clarity regarding strengths and weaknesses, at the product, team and personal levels. It also requires crafting a message that aids potential customers see how your product can transform their lives or businesses.
The first messages that are crafted are almost always wrong. Edison thought that the telephone would be used to broadcast concerts and lectures. Great entrepreneurs can sometimes react and find a new message. It took a great deal of experimentation for the combination of air-conditioning and movies to be discovered, and for that form to really take off and create Hollywood.
Do patents slow down the process? Somewhat. There’s an awful lot more going on in entrepreneurship. Look at other bits of cryptography, not patented, like SSL or IPSec, and tell me that patents are the only issue. There’s clearly a lot more to be overcome.
(“London – Big Ben Tripout” by ‘Don’t look back!’)
Note that when RSA’s patent went away, we didn’t suddenly see an explosion of strong cryptography actually being used by people. That’s what you’d expect if patents were a major roadblock to new crypto being adopted. And RSA is a pretty interesting case, because they were pretty famous for driving really painful bargains, at least with small companies. Nobody looked forward to negotiating a patent with these guys.
One thing I will point out with patents, though, is that patents on marginal improvements to the state of the art are a net loss to mankind. You’re designing a system, and you can either use CCM right now, or try to negotiate a patent for OCB. Now, there are multiple people claiming some rights there, but even if it were just a matter of going off and writing Rogaway a $100K check, it’s often organizationally painful to do that. Somehow, multiple layers of management, the legal department, etc. seem to need to be involved. Unless the factor of two speedup is enormously important for your application, you’re going to find it much easier to go with the slower, but unpatented, mode. This is a pity, because OCB is really cool, and deserves to be widely used. Similar comments apply to elliptic curve stuff (which is also cool technology that deserves to be more widely used than it is).
Thats a really good point with regards to RSA. I think your other point, regarding transaction costs and friction, will require a whole post to respond to.
Yes, but. SSL is patented, and I’d give it as an example of precisely your point. SSL is wildly successful, and in part because there is a free license for anyone who doesn’t sue Netscape (AOL) in such a way that it prevents them from using SSL.
Also, when the RSA patent expired, I predicted a two-to-three-year skew because patents give a monopoly on “make,” “sell,” or “use.” A properly paranoid person wouldn’t start development until after the patent expires. And we did start seeing a lot of innovative use after the patent expired, particularly in open source.
I have a rule, that is that if a technology needs the network effect to be useful, then patents slow down adoption because it is a limited monopoly on use.
I think the practical aspects of technology often get in the way. It certainly depends in which field but I don’t feel that patents in the computing industry are holding things back, at least not like they do in the pharmaceutical industry. Implementing stuff really well, in a cost-effective way, and educating the market on why it is useful and worth paying for is generally far harder than the original patent.
Mordaxus writes: “And we did start seeing a lot of innovative use after the patent expired, particularly in open source.”
We did?
Patents do create a drag, like sand in the wheels, but if one is careful they are no more of a drag than any other of 100 factors. It’s very rare that there isn’t an alternative which isn’t workable.
Perhaps as applicable, patents tend to be a touchstone for complaints that often far outweigh their direct effect. A canonical example is the blinding patents, which were bemoaned for their entire life. Yet, there are plenty of ways to do that stuff without the patents, and when the first patent expired, nobody noticed except the hard core cypherpunks. Meanwhile, those hard core cypherpunks never noticed that the market judged in favour of simple web site based monies (Paypal was originally a PDA tool that *could* have used blinding).
I suspect that the expiry of the RSA patent didn’t lead to a visible explosion of new cryptographic uses/applications because (1) infringement was rampant among users of open-source and offshore-sourced software, especially because the RSA patent was only enforceable in the US; and (2) the RSA algorithm itself didn’t enable especially interesting applications, it was the RSA algorithm + a symmetric crypto algorithm + a well-known protocol (e.g, SSL/TLS or S/MIME or PGP messaging or whatever) that was interesting. The most widely used crypto protocol/application in use at the time that the RSA patent expired was SSL, which required the use of RC4, which was at that time still an algorithm that RSA claimed was their proprietary intellectual property (trade secret), despite widely disclosed implementations. (I’ve lost track of RC4’s legal status – perhaps RSA still claims it’s a trade secret.)
And, again, the RC4 IP claims were widely ignored among individuals and people outside the US jurisdiction; effectively, the US’ crypto export control scheme encouraged the development of foreign crypto development expertise, which meant that at the time of expiration, there were publishers, developers, and users who had no practical reason to pay any attention to RSA’s IP claims, since they were already operating outside of the reach of US law.
Pre-expiry of the patent, RSA made it very tough to get a bare patent license to the RSA algorithm – they much preferred to license the algorithm along with some of their copyright/trade secret code and libraries, which they continued to own and license after expiration – so for US-based developers in business prior to expiration, the expiration itself wasn’t an especially significant milestone, since the libraries they licensed from RSA continued to be subject to RSA’s other IP claims.