Technology, Standards and Today's SDOs
An Interview with Andrew Updegrove
Andrew Updegrove, co-founder of Boston-based technology law firm Gesmer Updegrove LLP, has written extensively about standards and standards setting organizations based on his experience representing more than 100 such groups.
Technologies today are becoming increasingly more complicated and cross-sectoral in nature. Does the traditional model of standards development need to evolve to meet new challenges? If so, how? What do you feel is the role of standards in these systems and why are they important?
Historically, standards have come from industry-specific standards setting organizations, especially in the U.S., with its private sector-dominated, bottom-up approach to standards development. This approach allowed those that were most motivated and knowledgeable to fill their needs in the way and on the schedule that best met their situations. What has evolved are the roughly 200 American National Standards Institute-accredited, industry-specific, standards development "silos" that exist today. The subordinate role of the public sector was even institutionalized by the passage of the National Technology Transfer and Advancement Act in 1995, which required government agencies to use private consensus standards in preference to "government unique" standards whenever they were available and appropriate, and encouraged agency personnel to participate in SSO standards development activities.
Until recently, this system has served our needs very well. For example, heating, ventilating and air conditioning manufacturers were primarily concerned with creating standards for ductwork, fans and the like while computer companies standardized elements like connectors and electronic media formats. Except in the case of building controllers, neither of these two worlds intersected at all.
The advent of the Internet, however, has exposed the inability of this system to provide rapid solutions for many modern day challenges, such as enabling the Smart Grid, electronic health records, cybersecurity and rapid disaster response. Our ability to address these challenges necessarily depends on whether vast networks of hardware, software and telecommunications products and services can "talk" to each other and whether they will have the right things to "say."
As a result, the output of dozens of different SSOs is needed to provide a solution. To make the Smart Grid real, HVAC manufacturers will need to implement, or interface with, green building standards, wireless standards, interactive power payment standards, solar array standards, battery standards and much more. Many of these standards do not yet exist. They are being created in parallel in such a way as to work well together, guided by framework and profile standards that also needed to be developed.
Until now there has been no reason for hundreds of SSOs to agree on a way to embark on this sort of initiative - but those days are over. If we want to maintain national competitiveness and add, rather than lose, high paying jobs, we must develop and then institutionalize a way of tackling such ambitious, cross-sectoral, standards-dependent challenges.
You have recently written extensively about the role of government participation in standards development. Why do you feel that this partnership needs to be adjusted? What do you feel that government and standards development organizations should do to collaborate more productively?
I like to use the word optimization to describe what is needed, and I think that changes are needed on both sides of the equation. Private industry needs to think of government involvement as assistance rather than interference, and government needs to be willing to catalyze private sector standards in ways that the private sector isn't likely to agree upon on its own. Government also needs to do this in ways that industry will find nonthreatening and support these efforts economically.
The current experience with EHRs and the Smart Grid provides an excellent example of how this can be done. While the private sector is creating the standards, it has been the Obama administration that has provided the incentive (through substantial economic commitments), leadership (through incorporation of these goals into policy priorities), and facilitation (by charging the National Institute of Standards and Technology with enabling joint action) necessary to bring hundreds of industry participants and SSOs to the table.
ANSI has played an important role in the past by convening panels to bring cross-sectoral casts of players together, but it doesn't have the authority or the resources that the federal government has to make things happen. Moreover, as an avowedly U.S.-centric organization, ANSI has a hard time attracting global consortia into its activities.
In my view, Congress should ask NIST and ANSI1 to enter into a closer relationship targeted at facilitating the launch and maintenance of ambitious standards-dependent initiatives like the Smart Grid. This connection would give each the incentive to invest the resources and acquire the experience necessary to launch new, nationally important initiatives quickly and cost-effectively in the future.
What is the role of standards and consortia in the information and communications technology industry? What are the general benefits and disadvantages of consortia developing standards? Are consortia standards accepted globally?
While traditional ANSI-accredited SSOs remain the "go-to" venues for standards development in most industries, this is no longer the default setting for the information technology and, to a lesser extent, the communications technology, industries.
Today, there are hundreds of new consortia active in these areas, most of which carry out technical processes that are indistinguishable from those supported by accredited SSOs. You can find the most complete list of SSOs in existence at my website, www.consortiuminfo.org, sorted by industry and technical area. Some of these SSOs were founded to create a single standard, while others, like the World Wide Web Consortium (W3C) and OASIS (Organization for the Advancement of Structured Information Standards), have matured into domain centers of excellence supporting up to 50 or more working groups at any time.
Why did consortia enter the scene? Largely, it was because information and communications technology vendors became impatient with the leisurely standards development pace of traditional SSOs (a differential that is less apparent today). Also, traditional SSOs rarely provided a venue where vendors could collaborate on the types of promotional and other activities that might speed rapid adoption of new standards.
Consortia recruit members internationally and release their standards directly to a global audience. Given that the intended community of adopters for ICT standards is by definition global, many vendors concluded that it made more sense to create ICT standards from the outset through global organizations rather than follow a more traditional two-step process (e.g., create an American National Standard first, and then submit it for adoption as an International Organization for Standardization or International Electrotechnical Commission standard).
Today, ICT and other consortium standards achieve ubiquitous global implementation with little attention being paid to their point of origin. Even those governments that default to globally certified standards have no real choice but to follow when the marketplace pervasively implements a consortium-developed standard.
At the same time, some of the more nimble traditional SSOs, like the Institute of Electrical and Electronics Engineers, and ASTM International, are reacting to the same market forces by becoming more "consortium-like," attracting increasingly international memberships and becoming more selective in which standards they submit to ISO and IEC for consideration. In short, the dividing line between consortia and traditional SSOs is becoming increasingly indistinct.
Patents and other types of intellectual property rights for standards are becoming more of a challenge for some standards development organizations and for those that implement standards. Where do you see this issue headed in the next few years? What are the implications of such issues?
This is another area where cross-sectoral issues arise. In many industries, the incorporation of fee-bearing technology into a standard is well tolerated. In others, the need to pay royalties and/or enter into multiple, independently negotiated patent licenses is felt to be very burdensome. Where hundreds of standards may be implemented in a single product - like a smart phone - a different dynamic enters the picture: if any significant percentage of those standards bore a royalty at a traditional rate, the product would become prohibitively expensive. Forming a patent pool can abate the problem, but persuading every patent owner to enter such a pool can be quite difficult.
The development of new networks and business models such as the Internet, the Web and open source software has also given rise to expectations that are inconsistent with the traditional exercise of patent rights in standards development. This leads some ICT industry participants to find the "one size fits all" approach of ISO, IEC and the International Telecommunication Union common patent policy less appealing than the consortium approach, which permits greater freedom of choice in IPR policy formulation.
Finally, the governments of some countries have recently considered (e.g., in the European Union and China) and even enacted (e.g., in India) requirements that government procurement be limited to products implementing standards that are royalty-free.
We can expect to engage in active discussions over the proper scope of SSO IPR policies for quite a few years to come. Importantly, standards development will continue without interruption or significant disruption while this dialogue continues.
What benefits can be gained from managing or using a certification program? How do such programs advance standards and standardization?
Certification programs play three main functions: they credential products for domestic and international sales where legally required, they vouch to commercial customers that their contracting requirements have been fulfilled and they reassure customers that their purchasing expectations have been met. Interoperability standards are particularly important to government, enterprise and consumer purchasers, as they lead to a wide array of "plug-and-play" products, lower prices and a rich array of differentiating features.
A variety of examples of the value of certification and branding can be found in the consumer wireless space. A consortium client of mine called the NFC Forum has just launched a certification and branding program to inform customers that compliant products (like cameras and public transportation fare cards) can simply be touched to compliant devices (like picture printing kiosks and subway turnstiles) to perform tasks and complete transactions.
Similarly, the WiFi Alliance was created to support a standard developed by IEEE. It is the alliance that trademarked and promoted the WiFi name, developed and manages the certification program, and licenses the WiFi brand. Absent this effort, one of the other standards that was originally competing for adoption for the same usage might have triumphed instead. The Bluetooth standard found its way into hundreds of millions of wireless-enabled headsets and other products as a result of a similar certification and branding effort.
You have suggested that there is a need for an easily accessible database of global standards, or a standards clearinghouse, for users to better determine the availability of existing standards and the status of work under development. What are the challenges and benefits of such a repository of standards information?
The list of ICT standards developers that I maintain includes more than 600 currently active SSOs supporting thousands of sometimes overlapping technical working groups. Some of these SSOs are not widely known, and may maintain few, if any, liaison relationships with other SSOs. Because of technology convergence, new technical work can also pop up in organizations where it would not have been expected before (remember the HVAC example?). And, most press releases relating to the launch of a new working group fail to attract much attention.
Many unfortunate results follow in addition to duplication of effort. SSOs find it hard to attract all of the contributors that might otherwise share the work and costs of development. It's also hard to attract public comments on drafts, to coordinate effectively with other SSOs on potentially synergistic work and to publicize the release of new standards. And it's hard for would-be adopters to learn of standards that they might otherwise consider adopting.
Ironically, one of the big impediments to creating such a database is that there is no standard for describing a standard. Despite the fact that there are now hundreds of XML schema standards that make it easy to trade information as varied as sports statistics, advertising copy and atomic characteristics, there is no XML schema to make it easy to search, use and analyze data about standards.
Once a database of searchable standards was created, anyone could determine whether a standard already existed or was under development, and whether there were competing standards to evaluate. Providing the very modest funding needed to support the creation of such a database is another example of how government could support the bottom-up standards development process on which all U.S. industry relies.
1. Updegrove notes: "While I should disclose that I am on the board of directors of ANSI, I must also emphasize that the opinions expressed above are mine alone."