Feeds

Tiny diamonds and quantum sensors can be used to measure conditions inside cells or living organisms, potentially offering a way to detect diseases or study biology in minute detail

How could we tell the difference between an ordinary black hole and one connected to a tunnel through space-time?

Japan’s LignoSat will test wood’s resilience in space and could lead to a new era of more sustainable, less polluting satellites

Faster-than-light warp drives are theoretically possible to build, and if aliens are using them, we should be able to detect the gravitational waves produced when one goes wrong

Scientists have identified a new species of pterosaur from a 100-million-year-old fossil in Australia, which appears to have had a massive tongue to push prey down its throat

Ultrathin gold was achieved with the help of a century-old sword-making technique

Chemists are hard at work figuring out how to make tattoos last—and ensure they’re safe.

A small trial has found that electrical stimulation of arm muscles while people do physiotherapy exercises leads to more improvement

Millions of hand-size Joro spiders are moving up the East Coast. Don’t panic

For someone with a deeply scientific job, Gil Herrera has a nearly mystical mandate: Look into the future and then shape it, at the level of strange quantum physics and inextricable math theorems, to the advantage of the United States.

Herrera is the newly minted leader of the National Security Agency’s Research Directorate. The directorate, like the rest of the NSA, has a dual mission: secure American systems and spy on the rest of the world. The budget is classified, a secret among secrets, but the NSA is one of the world’s largest spy agencies by any measure and Herrera’s directorate is the entire US intelligence community’s biggest in-house research and development arm. The directorate must come up with solutions to problems that are not yet real, in a world that doesn’t yet exist. 

In his first interview since getting the job, Herrera lays out the tech—and threats—his group will now be focusing on. His priorities show how much the NSA’s targets are changing, balancing its work surveilling terror groups with an appreciation of how rapidly the geopolitical landscape has shifted in recent years. And he explains why the rise of new technologies, in terms of both threat and opportunity, are at the heart of what his group must contend with.

To support MIT Technology Review’s journalism, please consider becoming a subscriber.

Herrera takes the helm as the agency faces new challenges. The bipolar world of the Cold War belongs to the history books. The United States’ quick turn as a lone superpower is over. The new world is a messier one, defined by an emerging era of great power competition among nations like the United States, China, and Russia. Meanwhile, the NSA is still recovering from a massive set of leaks published nine years ago about global and domestic surveillance programs that set off a firestorm of criticism and calls for reform and changed the average American’s perception of the NSA. The companies that worked with them recoiled in embarrassment and anger. And it also changed the way the NSA operates.

“We’re at a point now where we need to start focusing more on larger adversaries, more sophisticated adversaries, adversaries that don’t necessarily utilize commercial services,” says Herrera. “These are adversaries that have their own indigenous services and that create their own technology. So as a research directorate, we need to respond. We need to provide the technologies that allow us to interrogate the huge amounts of information brought to us and to help monitor the kinds of systems that are now emerging as a result of great power competition.” 

The rate of technological change is accelerating and becoming less predictable. 

“Any time there’s that kind of a shift, it’s complex,” says Herrera. “Each generation of technology presents its new challenges.” 

For example, the directorate has devoted significant resources toward mastering quantum computing, technology that has the potential to break the encryption used to protect sensitive data in the digital world of today and tomorrow. Powerful countries, companies, and universities are pouring money into the task of building a quantum computer powerful enough to perform exponentially faster than the computers of today.

“Great power competition drives the agenda,” says Herrera. “It changes the kind of technology and access we need. Technologies like quantum and 5G are part of that.”

The directorate has been at the forefront of quantum computing research since 1995, immediately following the advent of Shor’s algorithm, which showed how quantum computers can factor numbers exponentially faster than normal computers—exactly the kind of work needed to break encryption.

The directorate’s fingerprints now show up in the form of fundamental research advancing the field and even inside the most advanced computers built at giant tech firms. The highly publicized race to build the world’s best quantum computer is proof of this: both Google and IBM use the same basic building block in their machines to create quantum behavior, known as transmon qubits, which was invented under the directorate’s sponsorship. Historically, the NSA has been the single largest funder of academic quantum computing research, says Herrera. 

Herrera is hesitant to discuss specifics about what his directorate is zeroing in on, but when asked about the challenges of spying in a world of rapid technical advancement, he agrees and points to the emergence of 5G around the world. 5G brings its own new challenges for collecting intelligence, Herrera explains. Monitoring 5G successfully requires a deep understanding of what makes it fundamentally different from its predecessors: higher speed, lower range, more distribution nodes, different data protocols.

Understanding what will happen in the world tomorrow requires a mastery of the elements that will define it.

Future history

The NSA’s Research Directorate is descended from the Black Chamber, the first group of civilian codebreakers in the United States who were tasked with spying on cutting-edge technology, like the telegraph. Existing only from 1919 to 1929, the group decoded over 10,000 messages from a dozen nations, according to James Bamford’s 2001 book Body of Secrets: Anatomy of the Ultra-Secret National Security Agency. In addition to groundbreaking cryptanalytic work, the group succeeded by securing surveillance help from American cable companies like Western Union that could supply the newly minted US spies with sensitive communications to examine. 

The Black Chamber was shut down amid scandal when US Secretary of State Henry Stimson found out the group was spying on American allies as well as foes. The incident foreshadowed the 1975 Church Committee, which investigated surveillance abuses by American intelligence agencies, and the 2013 Snowden leaks, which exposed vast electronic surveillance capabilities that triggered a global reckoning. 

Just eight months after the Black Chamber was shuttered, the US, faced with the prospect of crippled spying capabilities in the increasingly unstable world of the 1930s, reformed the effort under the Army’s Signals Intelligence Service. One of just three people working with the Black Chamber’s old records, one of the founders of the SIS, which Bamford reports was kept a secret from the State Department, was the mathematician Solomon Kullback. 

Kullback was instrumental in breaking both Japanese and German codes before and during World War II, and he later directed the research and development arm of the newly formed National Security Agency. Within a year, that evolved into the directorate as we know it today: a distinct space for research that is not disrupted by the daily work of the agency.

“It’s important to have a research organization, even in a mission-driven organization, to be thinking beyond a crisis,” says Herrera, though he adds that the directorate does dedicate some of its work to the “crisis of the day.” It runs a program called “scientists on call,” which allows NSA mission analysts facing technical challenges while interrogating information to ask for help via email, giving them access to hundreds of scientists.

Forward looking

But the lion’s share of the directorate’s work is envisioning the technologies that are generations ahead of what we have today. It operates almost like a small, elite technical college, organized around five academic departments—math, physics, cyber, computer science, and electrical engineering—each staffed with 100 to 200 people.

The cybersecurity department defends the federal government’s national security and the country’s military-industrial base. This is the highest-profile department, and deliberately so. Over the last five years, the previously shadowy NSA has become more vocal and active in cybersecurity. It has launched public advisories and research projects that would once have been anathema for an organization whose existence wasn’t even acknowledged until 20 years after its founding. 

Now the products of NSA research, like Ghidra, a free, sophisticated reverse engineering tool that helps in the technical dissection of hacking tools, as well as other software, are popular, trusted, and in use around the world. They serve as powerful cybersecurity tools, a recruiting pitch, and a public relations play all wrapped into one. 

The physics department, which Herrera once directed, runs dozens of laboratories that conduct most of the work on quantum information sciences, but it has a much wider remit than that. As advancements in raw computing power threaten to slow and halt 60 years of predictably rapid computing growth, its physicists are exploring new materials and novel computing architectures to drive the next generation of computing into a less predictable future, exactly the kind of task the directorate was given when it first came into existence.

Meanwhile, the electrical engineering department has been looking closely at the physics and engineering of telecommunications networks since the internet first arose. As well as the issues around 5G, it also tackles every facet of the digital world, from undersea cables to satellite communications.

Some prospects on the horizon don’t fit neatly into any particular box. The computer science department’s work on artificial intelligence and machine learning, for example, cuts across cybersecurity missions and data analysis work with the mathematicians.

Herrera repeatedly raises the prospect of the directorate needing to develop greater capabilities in and understanding of rapidly advancing fields like synthetic biology. The NSA is hardly alone in this: Chinese military leaders have called biotech a priority for national defense. 

“Much of the competition in the world now is not military,” Herrera says. “Military competition is accelerating, but there is also dissemination of other technologies, like synthetic biologies, that are frankly alarming. The role of research is to help the NSA understand what the impact of those technologies will be. How much we actually get involved, I don’t know, but these are areas we have to keep an eye on.”

Finally, the math department, the directorate’s oldest, is unique. Herrera describes math as a core defining work of the directorate. The NSA is the country’s biggest employer of mathematicians, and the directorate boasts some of the best. Virtually every other department in the NSA’s Research Directorate suffers from having to compete with tech companies and the high salaries available in the private sector. The math department does not have that issue, Herrera says. Silicon Valley typically values software developers more than it does mathematicians.

The math department, often in conjunction with the computer science department, helps tackle one of NSA’s most interesting problems: big data. Despite public reckoning over mass surveillance, NSA famously faces the challenge of collecting such extreme quantities of data that, on top of legal and ethical problems, it can be nearly impossible to sift through all of it to find everything of value. NSA views the kind of “vast access and collection” that it talks about internally as both an achievement and its own set of problems. The field of data science aims to solve them.

“Everyone thinks their data is the messiest in the world, and mine maybe is because it’s taken from people who don’t want us to have it, frankly,” said Herrera’s immediate predecessor at the NSA, the computer scientist Deborah Frincke, during a 2017 talk at Stanford. “The adversary does not speak clearly in English with nice statements into a mic and, if we can’t understand it, send us a clearer statement.”

Making sense of vast stores of unclear, often stolen data in hundreds of languages and even more technical formats remains one of the directorate’s enduring tasks.

In the digital age, one of the primary goals of spying would be the ability to decode important data are currently protected by strong encryption. That’s why the Research Directorate’s mathematicians and computer scientists design and break cryptography algorithms for some of the world’s most sensitive systems.

The building and breaking of code is at the core of what the directorate does because, when the NSA looks into the future, what it sees is an increasingly digital world filled with data. Its ability to both protect and surveil it will help define great power competition for a long time.

“In the future, superpowers will be made or broken based on the strength of their cryptanalytic programs,” a 2007 document from the agency explained. “It is the price of admission for the US to maintain unrestricted access to and use of cyberspace.”

“The Research Directorate exists to enable the mission,” Herrera says. “From atoms to systems, we do research with the mission in mind.”

A police officer is at the scene of a murder. No witnesses. No camera footage. No obvious suspects or motives. Just a bit of hair on the sleeve of the victim’s jacket. DNA from the cells of one strand is copied and compared against a database. No match comes back, and the case goes cold. 

Corsight AI, a facial recognition subsidiary of the Israeli AI company Cortica, purports to be devising a solution for that sort of situation by using DNA to create a model of a face that can then be run through a facial recognition system. It is a task that experts in the field regard as scientifically untenable. 

Corsight unveiled its “DNA to Face” product in a presentation by chief executive officer Robert Watts and executive vice president Ofer Ronen intended to court financiers at the Imperial Capital Investors Conference in New York City on December 15. It was part of the company’s overall product road map, which also included movement and voice recognition. The tool “constructs a physical profile by analyzing genetic material collected in a DNA sample,” according to a company slide deck viewed by surveillance research group IPVM and shared with MIT Technology Review. 

A photo of Corsight’s investor presentation showing its product roadmap that features “voice to face”, “DNA to face” and “movement” as an expansion of its face recognition capabilities.

Corsight declined a request to answer questions about the presentation and its product road map. “We are not engaging with the press at the moment as the details of what we are doing are company confidential,” Watts wrote in an email. 

But marketing materials show that the company is focused on government and law enforcement applications for its technology. Its advisory board consists only of James Woolsey, a former director of the CIA, and Oliver Revell, a former assistant director of the FBI.

To support MIT Technology Review’s journalism, please consider becoming a subscriber.

The science that would be needed to support such a system doesn’t yet exist, however, and experts say the product would exacerbate the ethical, privacy, and bias problems facial recognition technology already causes. More worryingly, it’s a signal of the industry’s ambitions for the future, where face detection becomes one facet of a broader effort to identify people by any available means—even inaccurate ones.

This story was jointly reported with Donald Maye of IPVM who reported that “prior to this presentation, IPVM was unaware of a company attempting to commercialize a face recognition product associated with a DNA sample.”

A checkered past

Corsight’s idea is not entirely new. Human Longevity, a “genomics-based, health intelligence” company founded by Silicon Valley celebrities Craig Venter and Peter Diamandis, claimed to have used DNA to predict faces in 2017. MIT Technology Review reported then that experts, however, were doubtful. A former employee of Human Longevity said the company can’t pick a person out of a crowd using a genome, and Yaniv Erlich, chief science officer of the genealogy platform MyHeritage, published a response laying out major flaws in the research. 

A small DNA informatics company, Parabon NanoLabs, provides law enforcement agencies with physical depictions of people derived from DNA samples through a product line called Snapshot, which includes genetic genealogy as well as 3D renderings of a face. (Parabon publishes some cases on its website with comparisons between photos of people the authorities are interested in finding and renderings the company has produced.) 

Parabon’s computer-generated composites also come with a set of phenotypic characteristics, like eye and skin color, that are given a confidence score. For example, a composite might say that there’s an 80% chance the person being sought has blue eyes. Forensic artists also amend the composites to create finalized face models that incorporate descriptions of nongenetic factors, like weight and age, whenever possible. 

Parabon’s website claims its software is helping solve an average of one case per week, and Ellen McRae Greytak, the company’s director of bioinformatics, says it has solved over 200 cases in the past seven years, though most are solved with genetic genealogy rather than composite analysis. Greytak says the company has come under criticism for not publishing its proprietary methods and data; she attributes that to a “business decision.” 

Parabon does not package face recognition AI with its phenotyping service, and it stipulates that its law enforcement clients should not use the images it generates from DNA samples as an input into face recognition systems. 

Parabon’s technology “doesn’t tell you the exact number of millimeters between the eyes or the ratio between the eyes, nose, and mouth,” Greytak says. Without that sort of precision, facial recognition algorithms cannot deliver accurate results—but deriving such precise measurements from DNA would require fundamentally new scientific discoveries, she says, and “the papers that have tried to do prediction at that level have not had a lot of success.” Greytak says Parabon only predicts the general shape of someone’s face (though the scientific feasibility of such prediction has also been questioned). 

Police have been known to run forensic sketches based on witness descriptions through facial recognition systems. A 2019 study from Georgetown Law’s Center on Privacy and Technology found that at least half a dozen police agencies in the US “permit, if not encourage” using forensic sketches, either hand drawn or computer generated, as input photos for face recognition systems. AI experts have warned that such a process likely leads to lower levels of accuracy. 

Corsight also has been criticized in the past for exaggerating the capabilities and accuracy of its face recognition system, which it calls the “most ethical facial recognition system for highly challenging conditions,” according to a slide deck presentation available online. In a technology demo for IPVM last November, Corsight CEO Watts said that Corsight’s face recognition system can “identify someone with a face mask—not just with a face mask, but with a ski mask.” IPVM reported that using Corsight’s AI on a masked face rendered a 65% confidence score, Corsight’s own measure of how likely it is that the face captured will be matched in its database, and noted that the mask is more accurately described as a balaclava or neck gaiter, as opposed to a ski mask with only mouth and eye cutouts. 

Broader issues with face recognition technology’s accuracy have been well–documented (including by MIT Technology Review). They are more pronounced when photographs are poorly lit or taken at extreme angles, and when the subjects have darker skin, are women, or are very old or very young. Privacy advocates and the public have also criticized facial recognition technology, particularly systems like Clearview AI that scrape social media as part of their matching engine. 

Law enforcement use of the technology is particularly fraught—Boston, Minneapolis, and San Francisco are among the many cities that have banned it. Amazon and Microsoft have stopped selling facial recognition products to police groups, and IBM has taken its face recognition software off the market. 

“Pseudoscience”

“The idea that you’re going to be able to create something with the level of granularity and fidelity that’s necessary to run a face match search—to me, that’s preposterous,” says Albert Fox Cahn, a civil rights lawyer and executive director of the Surveillance Technology Oversight Project, who works extensively on issues related to face recognition systems. “That is pseudoscience.”

Dzemila Sero, a researcher in the Computational Imaging Group of Centrum Wiskunde & Informatica, the national research institute for mathematics and computer science in the Netherlands, says the science to support such a system is not yet sufficiently developed, at least not publicly. Sero says the catalog of genes required to produce accurate depictions of faces from DNA samples is currently incomplete, citing Human Longevity’s 2017 study.

In addition, factors like the environment and aging have substantial effects on faces that can’t be captured through DNA phenotyping, and research has shown that individual genes don’t affect the appearance of someone’s face as much as their gender and ancestry does.  “Premature attempts to implement this technique would likely undermine trust and support for genomic research and garner no societal benefit,” she told MIT Technology Review in an email.

Sero has studied the reverse concept of Corsight’s system—“face to DNA” rather than “DNA to face”—by matching a set of 3D photographs with a DNA sample. In a paper in Nature, Sero and her team reported accuracy rates between 80% to 83%. Sero says her work should not be used by prosecutors as incriminating evidence, however, and that “these methods also raise undeniable risks of further racial disparities in criminal justice that warrant caution against premature application of the techniques until proper safeguards are in place.”

Law enforcement depends on DNA data sets, predominantly the free ancestry website GEDmatch, which was instrumental in the search for the notorious “Golden State Killer.”  But even DNA sampling, once considered the only form of scientifically rigorous forensic evidence by the US National Research Council, has recently come under criticism for problems with accuracy.  

Fox Cahn, who is currently suing the New York Police Department to obtain records related to bias in its use of facial recognition technology, says the impact of Corsight’s hypothetical system would be disastrous. “Gaming out the impact this is going to have, it augments every failure case for facial recognition,” says Fox Cahn. “It’s easy to imagine how this could be used in truly frightening and Orwellian ways.”

The future of face recognition tech

Despite such concerns, the market for face recognition technology is growing, and companies are jockeying for customers. Corsight is just one of many offering photo-matching services with flashy new features, regardless of whether they’ve been shown to work. 

Many of these new products look to integrate face recognition with another form of recognition. The Russia-based facial recognition company NtechLab, for example, offers systems that identify people based on their license plates as well as facial features, and founder Artem Kuharenko told MIT Technology Review last year that its algorithms try to “extract as much information from the video stream as possible.” In these systems, facial recognition becomes just one part of an apparatus that can identify people by a range of techniques, fusing personal information across connected databases into a sort of data panopticon.

Corsight’s DNA to face system appears to be the company’s foray into building a futuristic, comprehensive surveillance package it can offer to potential buyers. But even as the market for such technologies expands, Corsight and others are at increased risk of commercializing surveillance technologies plagued by bias and inaccuracy.

Correction: An earlier version of this story said that Parabon NanoLabs has “solved over 600 cases”. The company has worked on over 600 cases, solving over 200.

OpenAI has built a new version of GPT-3, its game-changing language model, that it says does away with some of the most toxic issues that plagued its predecessor. The San Francisco-based lab says the updated model, called InstructGPT, is better at following the instructions of people using it—known as “alignment” in AI jargon—and thus produces less offensive language, less misinformation, and fewer mistakes overall—unless explicitly told not to do so.

Large language models like GPT-3 are trained using vast bodies of text, much it taken from the internet, in which they encounter the best and worst of what people put down in words. That is a problem for today’s chatbots and text-generation tools. The models soak up toxic language—from text that is racist and misogynistic or that contains more insidious, baked-in prejudices—as well as falsehoods. 

OpenAI has made IntructGPT the default model for users of its application programming interface (API)—a service that gives access to the company’s language models for a fee. GPT-3 will still be available but OpenAI does not recommend using it. “It’s the first time these alignment techniques are being applied to a real product,” says Jan Leike, who co-leads OpenAI’s alignment team.

Previous attempts to tackle the problem included filtering out offensive language from the training set. But that can make models perform less well, especially in cases where the training data is already sparse, such as text from minority groups.

The OpenAI researchers have avoided this problem by starting with a fully trained GPT-3 model. They then added another round of training, using reinforcement learning to teach the model what it should say and when, based on the preferences of human users.  

To train InstructGPT, OpenAI hired 40 people to rate GPT-3’s responses to a range of prewritten prompts, such as, “Write a story about a wise frog called Julius” or “Write a creative ad for the following product to run on Facebook.” Responses that they judged to be more in line with the apparent intention of the prompt-writer were scored higher. Responses that contained sexual or violent language, denigrated a specific group of people, expressed an opinion, and so on, were marked down. This feedback was then used as the reward in a reinforcement learning algorithm that trained InstructGPT to match responses to prompts in ways that the judges preferred. 

OpenAI found that users of its API favored InstructGPT over GPT-3 more than 70% of the time. “We’re no longer seeing grammatical errors in language generation,” says Ben Roe, head of product at Yabble, a market research company that uses OpenAI’s models to create natural-language summaries of its clients’ business data. “There’s also clear progress in the new models’ ability to understand and follow instructions.”

“It is exciting that the customers prefer these aligned models so much more,” says Ilya Sutskever, chief scientist at OpenAI. “It means that there are lots of incentives to build them.”

The researchers also compared different-sized versions of InstructGPT and found that users preferred the responses of a 1.3 billion-parameter InstructGPT model to those of a 175 billion-parameter GPT-3, even though the model was more than 100 times smaller. That means alignment could be an easy way of making language models better, rather than just increasing their size, says Leike.

“This work takes an important step in the right direction,” says Douwe Kiela, a researcher at Hugging Face, an AI company working on open-source language models. He suggests that the feedback-driven training process could be repeated over many rounds, improving the model even more. Leike says OpenAI could do this by building on customer feedback.

InstructGPT still makes simple errors, sometimes producing irrelevant or nonsensical responses. If given a prompt that contains a falsehood, for example, it will take that falsehood as true. And because it has been trained to do what people ask, InstructGPT will produce far more toxic language than GPT-3 if directed to do so.

Ehud Reiter, who works on text-generation AI at the University of Aberdeen, UK, welcomes any technique that reduces the amount of misinformation language models produce. But he notes that for some applications, such as AI that gives medical advice, no amount of falsehood is acceptable. Reiter questions whether large language models, based on black-box neural networks, could ever guarantee user safety. For that reason, he favors a mix of neural networks plus symbolic AI, hard-coded rules constrain what a model can and cannot say.

Whatever the approach, much work remains to be done. “We’re not even close to solving this problem yet,” says Kiela.

Lisa Levy is a housing case manager at Columbus House in New Haven, Connecticut, where she oversees residents in a complex of 25 apartments. Each of her clients has a dual diagnosis of severe mental illness and a substance use disorder, and all have been homeless. “They’re among the most vulnerable people,” Levy says, “and my job is to keep them housed.”

Levy has struggled to get covid tests for her clients, particularly as the omicron variant spread rapidly across the US and many of them fell sick. When the White House launched its website COVIDtests.gov last week offering four free tests per household, she says, she thought each client would get four free tests—a godsend for a group of people who desperately needed tests but couldn’t afford them and were often too unhealthy to stand in line for them.

She immediately went to the website and entered information for the first apartment, 101. When she tried to order tests for the next apartment, she was told she had already ordered the maximum number for her address. Over the next few days, Levy tried to fix the problem: She called the hotline and the US Postal Service, which is responsible for delivering the tests, scoured Facebook for tips, and tried switching the information in the address and apartment lines on the online form, all to no avail.

To support MIT Technology Review’s journalism, please consider becoming a subscriber.

Levy isn’t the only one struggling to get hold of tests. People living in apartments have repeatedly reported problems with the website, whose form often conflates apartments with buildings, meaning only one of the residents in any given apartment block has been able to register for the test kits. 

In addition to web glitches, the initiative seems to have left out some groups from consideration entirely, according to data from the University of North Carolina at Chapel Hill, including people without fixed addresses; the 11.8 million US households that have more than four members, who are more likely to be nonwhite; the 7.5 million households that do not have home internet access; and the 3.5 million that do not speak English or Spanish, the two languages in which the site is currently available. 

Far from reducing unequal access to testing, the initiative has highlighted it, with many of the most vulnerable, poorest people still unable to get tests.

The White House has deflected criticism of the problem, with Assistant Press Secretary Kevin Munoz telling The Verge that the errors “were only a small percentage” of overall experiences. Press Secretary Jen Psaki added, “Every website, in our view, comes with risk. We can’t guarantee there won’t be a bug or two.”

​​But as has so often happened during this pandemic, where the government has failed, citizens have stepped in via the internet.

Almost immediately after the site launched, Twitter posts began appearing from people wanting to donate tests, and some groups that helped people find vaccine appointments last year pivoted to helping people get tests. The Facebook group Maryland Vaccine Hunters, for example, which started out crowdsourcing information about vaccine appointments, now posts up-to-date details about where to buy rapid tests and facilitates test donations. 

Mutual aid groups—community organizations that trade goods and services for people in need—have gone mainstream during the pandemic and have become increasingly active by offering protective equipment, helping people book vaccine appointments and, more recently, distributing tests. 

One such group is Serve Your City, a Washington, DC nonprofit that works with the city’s homeless population. To figure out who needed tests, Serve Your City referred to data collected from a hotline it had set up to help underprivileged people get vaccine appointments.

Still, these crowdsourced efforts come with a catch: they require reliable access to the internet. Maryland Vaccine Hunters has a robust Facebook thread of people willing to donate tests. But how can they help people who can’t get online?

Alternative routes to getting tests have been riddled with issues. In addition to the quirks of the online form, the White House did not set up a hotline until a couple of days after the launch, so people who needed to use the phone couldn’t get help. It’s also unclear who exactly oversees equitable distribution of the tests: representatives of the hotline referred us to the Centers for Disease Control and Prevention, which in turn referred us to the White House, which didn’t respond to requests for comment. Neither did the US Department of Health and Human Services or the US Postal Service.

That means people who are in dire need of these tests continue to have trouble procuring them.

“Covid is hitting this population the hardest,” Levy says of her clients. “They are on disability, they have limited resources, a lot of them are Black or Hispanic. They’re people who are really vulnerable.” On January 24, Levy called the hotline to try to place an order for residents in her building for the umpteenth time, but she was unsuccessful yet again.

Additional reporting by Eileen Guo.

Last month, I attended the American Geophysical Union meeting in New Orleans, where 26,000 geoscientists convened in person and virtually to share the latest Earth and climate science. Maybe a hundred of those people were there to talk about research on solar geoengineering—the idea of reflecting a fraction of incoming sunlight to cool a warming planet.  

Contrary to popular belief, research on this topic is anemic; it has been more or less stuck for several years. I saw mothers with dark circles under their eyes presenting on Zoom to nearly empty conference rooms. Scientists from the National Center for Atmospheric Research on the mesa south of Boulder, Colorado, Zoomed in to share updated modeling scenarios; a few weeks later, NCAR would clock 90-mile-per-hour winds in a suburban firestorm that flattened surrounding neighborhoods. At the poster session, I saw the same woman I had seen at an AGU meeting five years ago, waiting to tell someone about her idea for preserving Arctic ice with reflective, hollow glass microspheres. Meanwhile, one aisle over in the Cryosphere area, people were jammed shoulder to shoulder—despite the pandemic—to hear about the collapsing “doomsday” glaciers.  

To support MIT Technology Review’s journalism, please consider becoming a subscriber.

This is the context of the International Solar Geoengineering Non-Use Agreement, proposed by a group of more than 60 senior scholars last week. They argue that the technology cannot be governed fairly and poses “an unacceptable risk.”

A non-use agreement on solar geoengineering sounds great at first glance. Indeed, we should have a moratorium on the use of solar geoengineering, since the concept is so immature and theoretical; the science isn’t there to understand what reflecting sunlight would do to ecosystems, climate, or human systems. Nor is it a new idea: leading researchers proposed such a moratorium nearly 10 years ago in Science. We should also have a ban on patenting technologies, as suggested in this non-use agreement. 

The trouble with last week’s proposal is that it fails to adequately distinguish research from development or deployment. It’s a thinly veiled (or maybe not at all veiled) attempt to stifle research on the topic. Last year, the authors wrote a letter to Nature, objecting to an editorial titled “Give research on solar geoengineering a chance.” Their stance: “We call on our governments and funding agencies to halt the normalization of research into planetary solar-geoengineering technologies.” 

The non-use agreement doesn’t strictly prohibit “legitimate climate research.” Rather, it calls for a commitment to banning outdoor experiments and prohibiting national funding agencies from “supporting the development” of solar geoengineering technologies, both domestically and through international institutions. The non-use proposal further says that countries should “object to future institutionalization of planetary solar geoengineering as a policy option in relevant international institutions, including assessments by the Intergovernmental Panel on Climate Change.” So we would not be able to know how the foremost body of international scientists appraises the science. 

What is the real goal here? It’s not to build knowledge or encourage deliberation, but to make research unpalatable. The extended argument these authors published sketches out a vision where philanthropic foundations express their support for non-use and publicly declare not to the fund the development of solar geoengineering technologies. Universities, science associations, civil society organizations, parliaments, and more would also publicly support the International Non-Use Agreement. The result? “All of this would make such technologies increasingly unattractive for any serious research group to invest in, including in countries that might not immediately sign the international non-use agreement.”  

In other words, the idea is to create such intense social pressure that no serious research group would want to spend time on solar geoengineering for fear of criticism. Philanthropies and government agencies would hesitate to fund such research for the same reason.  

That would be a problem, because solar geoengineering might actually have significant benefits. Solar geoengineering could substantially offset global temperature rise and potentially offset serious secondary impacts, such as reduction in crop yields and increased frequency and intensity of hurricanes and typhoons. We don’t know everything about what it would do. But there is a strong humanitarian case for learning more, even if learning more reveals that the downsides outweigh the benefits. 

Intense social pressure to cease solar geoengineering research won’t mean that all such research will end—it means that researchers who care about openness and transparency might stop their activities, and the ones who continue might be less responsive to public concerns. They will be supported by funders that don’t care about public opinion—perhaps private actors or militaries—and we might not hear about all the findings. Autocratic regimes would be able to take the lead; we might have to rely on their expertise in the future if we’re not successful in phasing out fossil fuels. And scientists in developing countries—already disadvantaged in terms of participating in this research—may be even less able to do so if international institutions and philanthropies are not providing funds.  

Solar geoengineering research needs public funding through national science agencies. This can help ensure several important things. It can maintain public oversight of the research and enable the design of research programs where social scientists and governance scholars are integrated from the outset, producing the critical type of interdisciplinary research this topic demands. What’s more, public funding can be designed to encourage international scientific cooperation. For example, a paper presented at AGU that looked at the impacts of solar geoengineering on crop yields included researchers from Norway, the US, South Korea, and China. We want to continue this kind of cooperation, not stifle it. 

Perhaps most important, national funding agencies can structure research programs to examine the potential risks and benefits in a comprehensive way, making sure to give full attention to everything that could go wrong. Without this systematic approach, what gets published may be a trickle of studies showcasing only the most stellar results, making solar geoengineering look better than it is. Is that study about crop yields good? What does it miss? To find out the answers, we need more studies, not fewer, and we need bodies like the IPCC to assess them all together. 

No scientist is happy about the prospect of solar geoengineering. But we are going to need a pipeline of thoughtful, experienced people who understand both the science and the governance issues. If we disincentivize people from developing that expertise, we may not like the results. 

Good science takes years to develop. If we put off research until the 2030s, we could find ourselves in a world that’s made some uneven progress on the reduction of greenhouse-gas emissions but not enough, with temperatures still headed toward 3 °C of warming. We can’t then suddenly hope to produce rigorous science that would help us understand whether solar geoengineering is advisable. For a start, the US should follow the well-thought-out recommendations set up by the National Academies of Sciences, Engineering, and Medicine committee that recently grappled with this, and fund a modest, careful research program now. 

Holly Jean Buck is an assistant professor of environment and sustainability at the University at Buffalo and the author of Ending Fossil Fuels: Why Net Zero Is Not Enough. 

Moving to the cloud is all the rage. According to an IDC Survey Spotlight, Experience in Migrating Databases to the Cloud, 63% of enterprises are actively migrating their databases to the cloud, and another 29% are considering doing so within the next three years.

This article discusses some of the risks customers may unwittingly encounter when moving their database to a database as a service (DBaaS) in the cloud, especially when the DBaaS leverages open source database software such as Apache Cassandra, MariaDB, MySQL, Postgres, or Redis. At EDB, we classify these risks into five categories: support, service, technology stagnation, cost, and lock-in. Moving to the cloud without sufficient diligence and risk mitigation can lead to significant cost overruns and project delays, and more importantly, may mean that enterprises do not get the expected business benefits from cloud migration.

Because EDB focuses on the Postgres database, I will draw the specifics from our experiences with Postgres services, but the conclusions are equally valid for other open source database services.

Support risk. Customers running software for production applications need support, whether they run in the cloud or on premises. Support for enterprise-level software must cover two aspects: expert advice on how to use the product correctly, especially in challenging circumstances, and quickly addressing bugs and defects that impact production or the move to production.

For commercial software, a minimal level of support is bundled with the license. Open source databases don’t come with a license. This opens the door for a cloud database provider to create and operate a database service without investing sufficiently in the open source community to address bugs and provide support.

Customers can evaluate a cloud database provider’s ability to support their cloud migration by checking the open source software release notes and identifying team members who actively participate in the project. For example, for Postgres, the release notes are freely available, and they name every individual who has contributed new features or bug fixes. Other open source communities follow similar practices.

Open source cloud database providers that are not actively involved in the development and bug fixing process cannot provide both aspects of support—advice and rapid response to problems—which presents a significant risk to cloud migration.

Service risk. Databases are complex software products. Many users need expert advice and hands-on assistance to configure databases correctly to achieve optimal performance and high availability, especially when moving from familiar on-premises deployments to the cloud. Cloud database providers that do not offer consultative and expert professional services to facilitate this move introduce risk into the process. Such providers ask the customer to assume the responsibilities of a general contractor and to coordinate between the DBaaS provider and potential professional services providers. Instead of a single entity they can consult to help them achieve a seamless deployment with the required performance and availability levels, they get caught in the middle, having to coordinate and mitigate issues between vendors.

Customers can reduce this risk by making sure they clearly understand who is responsible for the overall success of their deployment, and that this entity is indeed in a position to execute the entire project successfully.

Technology stagnation risk. The shared responsibility model is a key component of a DBaaS. While the user handles schema definition and query tuning, the cloud database provider applies minor version updates and major version upgrades. Not all providers are committed to upgrading in a timely manner—and some can lag significantly. At the time of this writing, one of the major Postgres DBaaS providers lags the open source community by almost three years in their deployment of Postgres versions. While DBaaS providers can selectively backport security fixes, a delayed application of new releases can put customers in a situation where they miss out on new database capabilities, sometimes for years. Customers need to inspect a provider’s historical track record of applying upgrades to assess this exposure.

A similar risk is introduced when a proprietary cloud database provider tries to create their own fork or version of well-known open source software. Sometimes this is done to optimize the software for the cloud environment or address license restrictions. Forked versions can deviate significantly from the better-known parent or fall behind the open source version. Well-known examples of such forks or proprietary versions are Aurora Postgres (a Postgres derivative), Amazon DocumentDB (with MongoDB compatibility), and Amazon OpenSearch Service (originally derived from Elasticsearch).

Users need to be careful when adopting cloud-specific versions or forks of open source software. Capabilities can deviate over time, and the cloud database provider may or may not adopt the new capabilities of the open source version.

Cost risk. Leading cloud database services have not experienced meaningful direct price increases. However, there is a growing understanding that the nature of cloud services can drive significant cost risk, especially in the case of self-service and rapid elasticity combined with an intransparent cost model. In on-premises environments, database administrators (DBAs) and developers must optimize code to achieve performance with the available hardware. In the cloud, it can be much more expedient to ask the cloud provider to increase provisioned input/output operations per second (IOPS), compute, or memory to optimize performance. As each increase instance drives up cost, such a short-term fix is likely to have long-lasting negative cost impacts. 

Users mitigate the cost risk in two ways: (1) close supervision of the increases of IOPS, CPU, and memory to make sure they are balanced against the cost of application optimization; (2) scrutiny of the cost models of DBaaS providers to identify and avoid vendors with complex and unpredictable cost models.

Lock-in risk. Cloud database services can create a “Hotel California” effect, where data cannot easily leave the cloud again, in several ways. While data egress cost is often mentioned, general data gravity and the integration with other cloud-specific tools for data management and analysis are more impactful. Data gravity is a complex concept that, at a high level, purports that once a business data set is available on a cloud platform, more applications likely will be deployed using the data on that platform, which in turn makes it less likely that the data can be moved elsewhere without significant business impact.

Cloud-specific tools are also a meaningful driver for lock-in. All cloud platforms provide convenient and proprietary data management and analysis tools. While they help derive business value quickly, they also create lock-in.

Users can mitigate the cloud lock-in effect by carefully avoiding the use of proprietary cloud tools and by making sure they only use DBaaS solutions that support efficient data replication to other clouds.

Planning for risk. Moving databases to the cloud is undoubtedly a target for many organizations, but doing so is not risk-free. Businesses need to fully investigate and understand potential weaknesses of cloud database providers in the areas of support, services, technology stagnation, cost, and lock-in. While these risks are not a reason to shy away from the cloud, it’s important to address them up front, and to understand and mitigate them as part of a carefully considered cloud migration strategy.

This content was produced by EDB. It was not written by MIT Technology Review’s editorial staff.

For organizations in today’s complex business environment, data is like water—essential for survival. They need to process, analyze, and act on data to drive business growth—to predict future trends, identify new business opportunities, and respond to market changes faster. Not enough data? Businesses die of thirst. Dirty data? Projects are polluted by “garbage in/garbage out.” Too much data for the organization’s analytical capabilities? Businesses can drown in the data flood in their struggle to tap its potential.

But the right amount of data, clean and properly channeled, can quench a business’s thirst for insights, power its growth, and carry it to success, says Matt Baker, senior vice president of corporate strategy at Dell Technologies. Like water, data is not good or bad. The question is whether it’s useful for the purpose at hand. “What’s difficult is getting the data to align properly, in an inclusive way, in a common format,” Baker says. “It has to be purified and organized in some way to make it usable, secure, and reliable in creating good outcomes.”

Many organizations are overwhelmed by data, according to a recently commissioned study of more than 4,000 decision-makers conducted on Dell Technologies’ behalf by Forrester Consulting.1 During the past three years, 66% have seen an increase in the amount of data they generate—sometimes doubling or even tripling—and 75% say demand for data within their organizations has also increased.

The research company IDC estimates that the world generated 64.2 zettabytes of data in 2020, and that number is growing at 23% per year. A zettabyte is a trillion gigabytes—to put that in perspective, that’s enough storage for 60 billion video games or 7.5 trillion MP3 songs.

The Forrester study showed that 70% of business leaders are accumulating data faster than they can effectively analyze and use it. Although executives have enormous amounts of data, they don’t have the means to extract insights or value from it—what Baker calls the “Ancient Mariner” paradox, after the famous line from Samuel Taylor Coleridge’s epic poem, “Water, water everywhere and not a drop to drink.”

Data streams turn to data floods 

It’s easy to see why the amount and complexity of data are growing so fast. Every app, gadget, and digital transaction generates a data stream, and those streams flow together to generate even more data streams. Baker offers a potential future scenario in brick-and-mortar retailing. A loyalty app on a customer’s phone tracks her visit to an electronics store. The app uses the camera or a Bluetooth proximity sensor to understand where it is and taps the information the retailer already has about the customer’s demographics and past purchasing behavior to predict what she might buy. As she passes a particular aisle, the app generates a special offer on ink cartridges for the customer’s printer or an upgraded controller for her game box. It notes which offers result in sales, remembers for the next time, and adds the whole interaction to the retailer’s ever-growing pile of sales and promotion data, which then may entice other shoppers with smart targeting.

Adding to the complexity is an often-unwieldy mass of legacy data. Most organizations don’t have the luxury of building data systems from scratch. They may have years’ worth of accumulated data that must be cleaned to be “potable,” Baker says. Even something as simple as a customer’s birth date could be stored in half a dozen different and incompatible formats. Multiply that “contamination” by hundreds of data fields and achieving clean, useful data suddenly seems impossible.

But abandoning old data means abandoning potentially invaluable insights, Baker says. For example, historical data on warehouse stocking levels and customer ordering patterns could be pivotal for a company trying to create a more efficient supply chain. Advanced extract, transform, load capabilities—designed to tidy up disparate data sources and make them compatible—are essential tools.

Download the full report.

To learn more, listen to Jenn Savadra and Jen Felch discuss how companies are balancing the new work-from-anywhere trend in a post-pandemic world on the Business Lab podcast. Also, hear from John Roese on increasing innovation through operations on the Business Lab podcast.

This content was produced by Insights, the custom content arm of MIT Technology Review. It was not written by MIT Technology Review’s editorial staff.

Russia has sent more than 100,000 soldiers to the nation’s border with Ukraine, threatening a war unlike anything Europe has seen in decades. Though there hasn’t been any shooting yet, cyber operations are already underway. 

Last week, hackers defaced dozens of government websites in Ukraine, a technically simple but attention-grabbing act that generated global headlines. More quietly, they also placed destructive malware inside Ukrainian government agencies, an operation first discovered by researchers at Microsoft. It’s not clear yet who is responsible, but Russia is the leading suspect.

But while Ukraine continues to feel the brunt of Russia’s attacks, government and cybersecurity experts are worried that these hacking offensives could spill out globally, threatening Europe, the United States, and beyond. 

On January 18, the US Cybersecurity and Infrastructure Security Agency (CISA) warned critical infrastructure operators to take “urgent, near-term steps” against cyber threats, citing the recent attacks against Ukraine as a reason to be on alert for possible threats to US assets. The agency also pointed to two cyberattacks from 2017, NotPetya and WannaCry, which both spiraled out of control from their initial targets, spread rapidly around the internet, and impacted the entire world at a cost of billions of dollars. The parallels are clear: NotPetya was a Russian cyberattack targeting Ukraine during a time of high tensions.

“Aggressive cyber operations are tools that can be used before bullets and missiles fly,” says John Hultquist, head of intelligence for the cybersecurity firm Mandiant. “For that exact reason, it’s a tool that can be used against the United States and allies as the situation further deteriorates. Especially if the US and its allies take a more aggressive stance against Russia.”

That looks increasingly possible. President Joe Biden said during a press conference January 19 that the US could respond to future Russian cyberattacks against Ukraine with its own cyber capabilities, further raising the specter of conflict spreading. 

“My guess is he will move in,” Biden said when asked if he thought Russia’s President Vladimir Putin would invade Ukraine.

Unintentional consequences?

The knock-on effects for the rest of the world might not be limited to intentional reprisals by Russian operatives. Unlike old-fashioned war, cyberwar is not confined by borders and can more easily spiral out of control.

Ukraine has been on the receiving end of aggressive Russian cyber operations for the last decade and has suffered invasion and military intervention from Moscow since 2014. In 2015 and 2016, Russian hackers attacked Ukraine’s power grid and turned out the lights in the capital city of Kyiv— unparalleled acts that haven’t been carried out anywhere else before or since. 

The 2017 NotPetya cyberattack, once again ordered by Moscow, was directed initially at Ukrainian private companies before it spilled over and destroyed systems around the world. 

NotPetya masqueraded as ransomware, but in fact it was a purely destructive and highly viral piece of code. The destructive malware seen in Ukraine last week, now known as WhisperGate, also pretended to be ransomware while aiming to destroy key data that renders machines inoperable. Experts say WhisperGate is “reminiscent” of NotPetya, down to the technical processes that achieve destruction, but that there are notable differences. For one, WhisperGate is less sophisticated and is not designed to spread rapidly in the same way. Russia has denied involvement, and no definitive link points to Moscow.

NotPetya incapacitated shipping ports and left several giant multinational corporations and government agencies unable to function. Almost anyone who did business with Ukraine was affected because the Russians secretly poisoned software used by everyone who pays taxes or does business in the country. 

The White House said the attack caused more than $10 billion in global damage and deemed it “the most destructive and costly cyberattack in history.”

Since 2017, there has been ongoing debate about whether the international victims were merely unintentional collateral damage or whether the attack targeted companies doing business with Russia’s enemies. What is clear is that it can happen again. 

Accident or not, Hultquist anticipates that we will see cyber operations from Russia’s military intelligence agency GRU, the organization behind many of the most aggressive hacks of all time, both inside and outside Ukraine. The GRU’s most notorious hacking group, dubbed Sandworm by experts, is responsible for a long list of greatest hits including the 2015 Ukrainian power grid hack, the 2017 NotPetya hacks, interference in US and French elections, and the Olympics opening ceremony hack in the wake of a Russian doping controversy that left the country excluded from the games. 

Hultquist is also looking out for another group, known to experts as Berserk Bear, that originates from the Russian intelligence agency FSB. In 2020, US officials warned of the threat the group poses to government networks. The German government said the same group had achieved “longstanding compromises” at companies as they targeted energy, water, and power sectors. 

“These guys have been going after this critical infrastructure for a long, a long time now, almost a decade,” says Hultquist. “Even though we’ve caught them on many occasions, it’s reasonable to assume that they still have access in certain areas.”

A sophisticated toolbox

There is serious debate about the calculus inside Russia and what kind of aggression Moscow would want to undertake outside of Ukraine. 

“I think it’s pretty likely that the Russians will not target our own systems, our own critical infrastructure,” said Dmitri Alperovitch, a longtime expert on Russian cyber activity and founder of the Silverado Policy Accelerator in Washington. “The last thing they’ll want to do is escalate a conflict with the United States in the midst of trying to fight a war with Ukraine.”

No one fully understands what goes into Moscow’s math in this fast-moving situation. American leadership now predicts that Russia will invade Ukraine. But Russia has demonstrated repeatedly that, when it comes to cyber, they have a large and varied toolbox. Sometimes they use it for something as relatively simple but effective as a disinformation campaign, intended to destabilize or divide adversaries. They’re also capable of developing and deploying some of the most complex and aggressive cyber operations in the world.

In 2014, as Ukraine plunged into another crisis and Russia invaded Crimea, Russian hackers secretly recorded the call of a US diplomat frustrated with European inaction who said “Fuck the EU” to a colleague. They leaked the call online in an attempt to sow chaos in the West’s alliances as a prelude to intensifying information operations by Russia. 

Leaks and disinformation have continued to be important tools for Moscow. US and European elections have been plagued repeatedly by cyber-enabled disinformation at Russia’s direction. At a moment of more fragile alliances and complicated political environments in Europe and the United States, Putin can achieve important goals by shaping public conversation and perception as war in Europe looms.

“These cyber incidents can be nonviolent, they are reversible, and most of the consequences are in perception,” says Hultquist. “They corrode institutions, they make us look insecure, they make governments look weak. They often don’t rise to the level that would provoke an actual physical, military response. I believe these capabilities are on the table.”

If you can recognize a dog by sight, then you can probably recognize a dog when it is described to you in words. Not so for today’s artificial intelligence. Deep neural networks have become very good at identifying objects in photos and conversing in natural language, but not at the same time: there are AI models that excel at one or the other, but not both. 

Part of the problem is that these models learn different skills using different techniques. This is a major obstacle for the development of more general-purpose AI, machines that can multi-task and adapt. It also means that advances in deep learning for one skill often do not transfer to others.

A team at Meta AI (previously Facebook AI Research) wants to change that. The researchers have developed a single algorithm that can be used to train a neural network to recognize images, text, or speech. The algorithm, called Data2vec, not only unifies the learning process but performs at least as well as existing techniques in all three skills. “We hope it will change the way people think about doing this type of work,” says Michael Auli, a researcher at Meta AI.

The research builds on an approach known as self-supervised learning, in which neural networks learn to spot patterns in data sets by themselves, without being guided by labeled examples. This is how large language models like GPT-3 learn from vast bodies of unlabeled text scraped from the internet, and it has driven many of the recent advances in deep learning.

Auli and his colleagues at Meta AI had been working on self-supervised learning for speech recognition. But when they looked at what other researchers were doing with self-supervised learning for images and text, they realized that they were all using different techniques to chase the same goals.

Data2vec uses two neural networks, a student and a teacher. First, the teacher network is trained on images, text, or speech in the usual way, learning an internal representation of this data that allows it to predict what it is seeing when shown new examples. When it is shown a photo of a dog, it recognizes it as a dog.

The twist is that the student network is then trained to predict the internal representations of the teacher. In other words, it is trained not to guess that it is looking at a photo of a dog when shown a dog, but to guess what the teacher sees when shown that image.

Because the student does not try to guess the actual image or sentence but, rather, the teacher’s representation of that image or sentence, the algorithm does not need to be tailored to a particular type of input.

Data2vec is part of a big trend in AI toward models that can learn to understand the world in more than one way. “It’s a clever idea,” says Ani Kembhavi at the Allen Institute for AI in Seattle, who works on vision and language. “It’s a promising advance when it comes to generalized systems for learning.”

An important caveat is that although the same learning algorithm can be used for different skills, it can only learn one skill at a time. Once it has learned to recognize images, it must start from scratch to learn to recognize speech. Giving an AI multiple skills at once is hard, but that’s something the Meta AI team wants to look at next.  

The researchers were surprised to find that their approach actually performed better than existing techniques at recognizing images and speech, and performed as well as leading language models on text understanding.

Mark Zuckerberg is already dreaming up potential metaverse applications. “This will all eventually get built into AR glasses with an AI assistant,” he posted to Facebook today. “It could help you cook dinner, noticing if you miss an ingredient, prompting you to turn down the heat, or more complex tasks.”

For Auli, the main takeaway is that researchers should step out of their silos. “Hey, you don’t need to focus on one thing,” he says. “If you have a good idea, it might actually help across the board.”

This story has been updated after charges were officially dismissed, and to include statements from Dr. Gang Chen, Rachael Rollins, the US Attorney for the District of Massachusetts and MIT president L. Rafael Reif.

A judge has approved the government’s motion to dismiss all charges against MIT mechanical engineering professor and nanotechnologist Gang Chen, nearly one year to the day after he was indicted on charges relating to his alleged failure to disclose relationships and funding from Chinese entities.

From the start, Chen had maintained his innocence, while MIT had indicated that he was working to establish a research collaboration on behalf of the institution and that the funding in question was actually for the university rather than Chen personally. MIT also paid for his defense. (MIT Technology Review is funded by the university but remains editorially independent.)

“Today’s dismissal of the criminal charges against Gang Chen is a result of our continued investigation,” US Attorney for the District of Massachusetts Rachael Rollins said in a statement after the filing. “Through that effort, we recently obtained additional information pertaining to the materiality of Professor Chen’s alleged omissions in the context of the grant review process at issue in this case. After a careful assessment of this new information in the context of all the evidence, our office has concluded that we can no longer meet our burden of proof at trial.”

“The government finally acknowledged what we said all along: Professor Gang Chen is an innocent man,” Robert Fisher, Chen’s defense attorney, said in a statement. “Our defense was never based on any legal technicalities. Gang did not commit any of the offenses he was charged with. Full stop. He was never in a talent program. He was never an overseas scientist for Beijing. He disclosed everything that he was supposed to disclose and never lied to the government or anyone else.”

For his part, Chen said, “While I am relieved that my ordeal is over, I am mindful that this terribly misguided China Initiative continues to bring unwarranted fear to the academic community, and other scientists still face charges.”

“I will have more to share soon,” the scientist added.

To support MIT Technology Review’s journalism, please consider becoming a subscriber.

The China Initiative

Chen was one of the most high-profile scientists charged under the China Initiative, a Justice Department program launched under the Trump administration to counter economic espionage and national security threats from the People’s Republic of China.

Despite its stated purpose, an investigation by MIT Technology Review found that the initiative has increasingly focused on prosecuting academics for research integrity issues—hiding ties or funding from Chinese entities on grant or visa forms—rather than industrial spies stealing trade secrets. Only 19 of 77 cases (25%) identified by MIT Technology Review alleged violations of the Economic Espionage Act, while 23 cases (30%) alleged grant or visa fraud by academics.

Our reporting has also found that the initiative has disproportionately affected scientists of Chinese heritage, who make up 130 (88%) of the 148 individuals charged under the initiative.

Chen’s is the eighth research integrity case to be dismissed before trial. Last month, Harvard professor Charles Lieber was found guilty on six charges of false statements and tax fraud, while the trial of University of Tennessee–Knoxville professor Anming Hu, the first research integrity case to go before a jury, ended first in a mistrial and then a full acquittal.

Research Integrity cases from MIT Technology Review’s China Initiative Database

A catalyzing case

Chen’s indictment raised awareness of, and opposition to, the initiative because of both his prominence in his field and the seemingly routine activities for which he was being prosecuted, including collaborating with a Chinese university at the behest of his home institution. “We are all Gang Chen,” a group of MIT faculty wrote at the time, expressing both their support for their colleague and their concerns about how their own activities could draw government scrutiny.

“The end of the criminal case is tremendous news for Professor Chen, and his defense team deserves accolades for their work,” said Margaret Lewis, a law professor at Seton Hall University who has written about the China Initiative. “But let’s not forget that he was first questioned at the airport two years ago and indicted one year ago. The human cost is intense even when charges are dropped.”

In a note to the MIT community shortly after the dismissal was filed, MIT president L. Rafael Reif provided some more detail on that human cost. “Gang was first detained at Logan Airport about six weeks before the pandemic struck our community; the burdens on him and his family members since then have been beyond imagining,” he wrote, while acknowledging that “this case has also caused ongoing distress throughout our community, particularly for Gang’s friends, students, and colleagues, and for those across MIT and elsewhere who are of Chinese descent.”

“Having had faith in Gang from the beginning, we can all be grateful that a just outcome of a damaging process is on the horizon. We are eager for his full return to our community,” Reif said.

Lewis added: “I am hopeful that the Justice Department will soon move beyond announcements regarding the review of individual cases to a broader statement ending the China Initiative.”

But “rebranding the China Initiative will not be enough,” said Patrick Toomey, a senior staff attorney with the American Civil Liberties Union’s National Security Project, which has represented two prominent researchers erroneously charged before the China Initiative was announced in 2018. “The Justice Department must fundamentally reform its policies that enable racial profiling in the name of national security.”

It is not just academics and civil rights groups that are speaking out. Over the past year, criticism of the initiative has ramped up from all sides. Ninety members of Congress have requested that Attorney General Merrick Garland investigate concerns about racial profiling, and former DOJ officials have advocated for a change in direction as well.

John Demers, the former head of the Justice Department division that oversees the initiative, reportedly favored a proposal for amnesty programs that would allow researchers to disclose previously undisclosed ties with no fear of prosecution. Meanwhile, in response to MIT Technology Review’s reporting, Andrew Lelling, the former US District Attorney for Massachusetts who brought charges against Chen, argued that the part of the program targeting academics should be shut down. Six more research integrity cases remain pending, with four scheduled to go to trial this spring.

Some kind of announcement may be coming soon: DOJ spokesman Wyn Hornbuckle told MIT Technology Review in an email last week that the Justice Department is “reviewing our approach to countering threats posed by the PRC government“ and anticipates “completing the review and providing additional information in the coming weeks.“

Additional reporting by Jess Aloe.

Thank you for joining us on “The cloud hub: From cloud chaos to cloud clarity.” We hope you enjoy this article.

MACH-ready commerce vendors provide benefits of flexibility and scalability through the API layer, but they only work if the solution is used “as is.” E-commerce companies often seek the ability to solve X, the unknown variable during the always-on digital evolution. Hence, MACH-X.

Click here to continue.