What's missing

Paul Buchheit says that people at the leading edge of a rapidly changing field "live in the future." Combine that with Pirsig and you get: Live in the future, then build what's missing. That describes the way many if not most of the biggest startups got started.How to Get Startup Ideas by Paul Graham.

These aren't necessarily "startup ideas"—just stuff I wish someone would build. Feel free take one and run with it; I'll be your first customer.

Oster for information security (2020/11). Frustrated with the state of pregnancy and parenting advie, Emily Oster wrote Expecting Better and Cribsheet. An expectant mother who's also an economics professor, she takes readers on a tour of the medical science (peer-reviewed scientific literature), explaining not just what's known/uncertain, but crucially, why.

I wish someone would do this for information security—a book for nonspecialists, explaining how individuals and non-technology business owners can improve their security postures. A good version of this would explain "the ten things you should do", ranked using cost/benefit analysis, with as much epistemic rigor as possible.

Payments and accounting for lumpy payers (2020/12). Certain businesses (offhand: professional services firms, daycares, landlords, wholesalers) receive large amounts of money from a small number of repeat payers. No US payment system serves this scenario well: Visa/Mastercard are too expensive, ACH too cumbersome, Zelle/SCash/Venmo's limits aren't high enough. Despite numerous drawbacks—slowness, potential for fraudulent alteration, errors (incorrect payee or amount), bounces, and lack of automatic reconciliation, checks have held on because they're cheap, widely-accepted, and the ongoing relationship mitigates the risk of a bad check.

A better approach would move the whole thing online, integrate accounting and payment processing, and offer a payment mechanism similar to ACH but without the hassle. Zelle might be a good foundation, but they work only with banks (no API). Cozy is a promising example for mom and pop landlords. As a commercial landlord, I used Xero for accounting and bill.com for payment processing; it didn't work well and I don't recommend it.

Solving this well probably requires building an entirely new payment rail to compete with, or even displace, ACH. The Federal Reserve knows this is a problem, but has done little but talk about it for around a decade.

Electrification specialists (2021/01). Decarbonization requires moving a lot of stuff formerly powered with hydrocarbons (cars, HVAC, cooking) to electric power. Contractors largely lack the cross-functional design expertise required for re-engineering of this magnitude, and GCs don't want thousands of tiny projects with fussy homeowners. The solution will be some kind of blended retailer/installer (a "Geek Squad" of decarbonization), augmented by sophisticated project management and design software to lay everything out, control costs, and deal with permitting.

Identity for government services (2021/02). It's 2021, and I'm still proving residency with paper bills or a plastic card (driver's license). I didn't vote in the 2020 election because I was away from home, and USPS doesn't forward ballots—news to me! Disparate usernames and passwords for unemployment, the DMV, and registering my LLC might improve privacy—maybe—but the costs are enormous: massive amounts of fraud, reduced voter turnout, and frankly, hassles, every time I use a government website.

Identity is a well-understood problem in IT, with numerous well-tested solutions: Active Directory, Google's identity services (standard with G Suite), Auth0, or Okta. Having a single account would make service rollout faster for governments, reduce citizen adoption hurdles, and improve security through better, expert-assisted policy enforcement—sensible password policy, getting password resets right, having a single state-wide process for establishing identity. Such a system could even be extended to opt-in identity verification for, say, banking, and would make Asian-style pandemic contact-tracing possible.

There are legitimate political concerns, but the right framing is cost/benefit—what do we get, and at what cost—not the Privacy Fundamentalism that seems so common in the United Staes.