Russia launched a full-scale invasion of one of its sovereign neighbors, prompting condemnation and outrage from the rest of the globe. Russia’s access to money has been cut off by our governments and financial institutions. Our tech companies have sided with Ukraine against Russia, despite being vocally neutral in past wars. Putin took note and retaliated, with major ramifications for US big tech, Western IP holders, and our domestic cybersecurity policies.
Russia tries hard to control the narratives that its people can see, as is typical of a stranglehold autocrat that retains power through fear and intimidation. After previously censoring Facebook, the Russian government has now stopped Instagram.
WhatsApp, Meta’s second main social media network, may be blocked as well. For years, Russia has used social media to spread propaganda, but the Ukraine conflict has forced Big Tech to choose sides, with Russia punishing companies who promote material that the Kremlin wants hidden. For millions of Russian residents, the Russian authorities took Twitter down from the internet.
This conflict has been brewing since Russia’s election-related social media operations in 2016. According to the Washington Post, “The incremental escalations over the past two weeks between Russia and the tech giants has forced the companies to rethink the ways they police speech online, rewriting their rules as they go in response to the fast-moving conflict. … In the wake of Russian interference in the 2016 election and a global pandemic, companies including Facebook, Twitter and YouTube have moved away from a historically hands-off approach to policing the content on their platforms, creating new rules to attempt to halt the spread of misinformation that they said could cause real-world harm. But the Ukrainian conflict has prompted a flurry of new rule-changing and policymaking as the companies have banned state media outlets and allowed some speech previously considered to be hateful.”
Google’s YouTube platform has restricted all traffic from Russian official media, but the company had already disabled an app that helped Russians vote when Russian agents threatened Google executives in Russia. Apple has bowed to the Russian government by configuring iPhones in Russia to promote Kremlin-backed social media networks and refusing to activate Private Relay, which could help Russians access new international outlets. Russian law, dubbed “hostage law” by some, mandates huge IT companies to keep executives in the country. The growing chasm between the Kremlin and Big Tech may force many American corporations to depart Russia entirely.
Russia’s invasion of Ukraine has changed the world
The easing of patent enforcement, which basically allows Russian businesses to take protected Western technology without recourse, is Putin’s measure that may have the most significant long-term impact on US business. Russia, ever the cynical self-serving actor on the international arena, has never been a strong defender of business intellectual property rights. Russia, for example, was classified by the US Office of Foreign Assets Control last year. Trade Representative as one of the nine countries on a Priority Watch list for insufficient IP protection and enforcement, while Ukraine “continued to take positive steps . . . toward a transparent, fair, and predictable system for the collective management of copyright royalties.” Copyrights are a primary protection for the software business.
Patent holders who are “registered in hostile countries” lose legal rights as a result of Putin’s proclamation. The ruling could have an impact on pharmaceutical businesses with vaccine or other medication patents, and it could also be used to copy discoveries in the defense and technology industries. The more the value of a company’s patents in Russia, the more it stands to lose.
The next step along this path may be to remove trademark protections in Russia, allowing local businesses to effectively nationalize American and European brands in order to serve the Russian people. The Washington Post reports, “The Kremlin has not issued any decree lifting protections on trademarks. But Russia’s Ministry of Economic Development said last week that authorities are considering “removing restrictions on the use of intellectual property contained in certain goods whose supply to Russia is restricted,” according to Russian state news outlet Tass, and that potential measures could affect inventions, computer programs and trademarks.” This might allow Russian oligarchs to take over local McDonald’s franchises and open outlets under the company’s trademarks without having to pay McDonald’s or fear legal IP enforcement. It might also allow Russian enterprises to run pirated copies of US and European software and sell them in Western-branded packages and under Western-branded brands. We don’t know how long these directives will be in effect; they could signal the start of a new normal in which Russia just ignores international IP regulations without consequence.
The unjustified Russian invasion on Ukraine, as well as the Western response, are having indirect ramifications for US commercial technology. Putin is expected to urge his electronic hacker army to target crucial infrastructure in the United States and Europe, as well as other significant firms and institutions, given the escalating hostilities. We can definitely thank this possibility for Congress moving quickly to pass a federal data security reporting bill, which will be the first broad non-sector-specific federal incident reporting requirement signed into law.
The Consolidated Appropriations Act, which should be signed by President Biden by the time this column is published, was enacted by both chambers of Congress last week. The Cyber Incident Reporting for Critical Infrastructure Act, which requires certain companies across industries to report significant cyber incidents and ransomware attacks to the Homeland Security Department’s Cybersecurity and Infrastructure Security Agency (CISA), is included in this massive government spending package. When the CISA Director adopts guidelines that include these criteria, we won’t know which organizations are affected by the new reporting requirements or what kind of cyber-attack will need to be reported for more than a year.
Financial organizations must report some cyber incidents, while other important industries such as energy, telecommunications, and healthcare may not be obligated to do so as long as personal data was not compromised. CISA Director Jen Easterly issued a statement saying, “Put plainly, this legislation is a game-changer. Today marks a critical step forward in the collective cybersecurity of our nation,” and that “CISA will use these reports from our private sector partners to build a common understanding of how our adversaries are targeting U.S. networks and critical infrastructure.
This data will close important information gaps, allowing us to immediately deploy resources and provide aid to victims of assaults, evaluate incoming reporting across sectors to find trends, and share that information with network defenders to warn other prospective victims.” The Biden administration has recently urged businesses to disclose breaches, but this new legislation will create a mandatory reporting environment that could spread to other US industries. The invasion of Ukraine by Russia has changed the world. Western technology and intellectual property will be impacted in ways we never imagined, and we will have to live with the consequences for the rest of our lives.
You can see a list Russia IP firms here.