The White House recently released a National Standards Strategy for Critical and Emerging Technology, the goal of which is to "strengthen both the United States’ foundation to safeguard American consumers’ technology and U.S. leadership and competitiveness in international standards development.”

Technology standards are a critical component of the global digital economy as well as the critical infrastructure that underpins the modern world. Yet they are often invisible to the vast majority of people who are largely unaware of the significant and continuous international efforts to create, maintain, and evolve them. Many in the public and private sector often don't recognize that every day activities, such as using WiFi, making digital payments, and simply accessing their favorite social media site are all possible because of the underlying technical standards.

Over the past several years, U.S. engagement in standards development organizations waned as both the government and private sector reduced funding. Doing so ceded influence to geopolitical rivals.

U.S. participation in these standards organizations is critical. Ensuring global, interoperable standards is in the best interest of U.S. companies and ensuring an adequate workforce to undertake that engagement is essential to achieving that goal.

While the strategy calls out several important steps, I was particularly struck by "Remove and prevent barriers to private sector participation in standards development."

Participation in the dozens to hundreds of relevant standards’ development organizations can be challenging, particularly for small and medium sized companies. Dedicating personnel to work just on standards is resource intensive and realistically out of reach for the majority of companies across most sectors. Yet, these same organizations are subject to the same technology and regulatory changes that standards impose, regardless of whether their voices are heard or not. To often, they are caught off guard when a new standard gets released and they are left having to make unanticipated changes or procuring new software and hardware to keep pace or meet the new requirements that come with it.

This is exactly what happened when the Internet Engineering Task Force (IETF) released the specification for Transport Layer Security (TLS) 1.3 in August 2018. While the IETF efforts were open to all, many organizations were caught off guard by the impacts TLS 1.3 will have on their enterprise operations. More than four-years later the vast majority of the Internet – 95.8% of sites – still haven’t migrated to TLS 1.3, still using the previous version.

The lack of adoption may be tracked back to many challenges with the specification but also at the time pointed to a larger problem. The security engineers working in the trenches to implement various security protocols were caught completely unaware that the protocol that enables web sites to securely transmit information was changing.

Additional participation in the standard process would go a long way towards alleviating this sort of thing from happening. For many organizations even simply being aware of what is on the horizon could help save time and money.

While the White House strategy looks to bolster our standards workforce, we must also recognize that no amount of capacity building will account for every stakeholder.

In conjunction with these efforts, we need to better coordinate within and across sectors to ensure that the implications of new and evolving standards development are fully understood by those developing them and those that will be impacted can more easily see the changes coming and what it means for them.

The Center looks forward to working with the administration to implement the goals in the standards strategy and helping private sector organization increase their participation.

‍