Archives For cloud-computing

digital-ownershipIn the past, nations with the best ships and ports were able to establish global trade leadership and the growth that came along with it. Today, global trade has gone digital.

In the digital economy software-enabled products and services such as cloud computing and data analytics are the key drivers of growth and competitiveness. In fact, the world now invests more than $3.7 trillion (R40 trillion) on information and communications technologies a year.

In South Africa, we spend $26 billion a year and the total for the Middle East/Africa region is $228bn. However, to maximise our return on that investment, it is important for policymakers to eliminate barriers that could inhibit the continued expansion of digital trade.

It is clear that software-driven technology is transforming every sector of the global economy. For example, thanks to unprecedented processing power and vast data storage capabilities, banks can detect and prevent fraud by analyzing large numbers of transactions; doctors are now able to study historical trends in medical records to find more effective treatments; and manufacturers can pinpoint the sources of delays in global supply chains.

Against the backdrop of this kind of innovation, any country that wants to compete in today’s international marketplace must have a comprehensive digital agenda at the core of its growth and development strategy. In addition to domestic initiatives such as investment in education and skills training, or development of information technology infrastructure, policymakers can succeed in laying the groundwork for broad-based growth in the digital age if they focus on three big priorities.

First, any bilateral or multilateral trade agreement needs to facilitate the growth of innovative services such as cloud computing. As part of this, there should be clear rules that allow information to move securely across borders and prevent governments from mandating where servers must be located except in very specific situations.

Second, to promote innovation and foreign investment, continued intellectual property protection is vital and the use of voluntary, market-led technology standards – instead of country-specific criteria that force firms to jump through different technical hoops every time they enter a new local market – should be encouraged.

Third, all governments should ensure there are level playing fields for all competitors so customers have access to the best products and services the world has to offer.

At the same time, disclosures about government surveillance programmes in the US and other countries have sparked a renewed focus on data protection and personal privacy. Those concerns are worthy of debate and careful reform. But it is critically important not to conflate separate issues: We can’t let national security concerns derail digital trade.

There is precedent for navigating periods of change such as this in the global trade arena. Policymakers stood at a similar inflection point in the 1980s when they recognised the keys to growth in the coming decades would be intellectual property, services and foreign direct investment.

With foresight and hard work, they updated trade rules in the Uruguay Round of multilateral negotiations to ensure commitments were in place to provide a check against protectionist impulses. Now, as governments pursue robust growth agendas for the digital economy, it is critical we modernise trade rules again. Source: The Software Alliance (South Africa).

Advertisements

Picture1There is nothing nebulous about the “cloud”, especially as it applies to developing countries, a new UNCTAD report says. For businesses and governments in poorer nations to benefit from cloud computing’s increasingly rapid and more flexible supply of digitized information – the sort of thing that enables online marketers to rapidly scale up their information systems in tune with fluctuations in demand – massive, down-to-earth data processing hardware is required. Also needed is extensive broadband infrastructure, as well as laws and regulations that encourage the investment needed to pay for advanced information and communication technology (ICT) facilities and to protect users of cloud services.

UNCTAD’s Information Economy Report 2013, subtitled The Cloud Economy and Developing Countries, was released on 3 December 2013.

Referring to cloud computing, United Nations Secretary-General Ban Ki-moon states in the preface to the report: “This has considerable potential for economic and social development, in particular for our efforts to achieve the Millennium Development Goals and to define a bold agenda for a prosperous, sustainable and equitable future.”

The report shows that cloud computing offers the potential for enhanced efficiency. For example, cloud provisioning may enable small enterprises to outsource some of the information technology (IT) skills that they would otherwise have to provide internally. Companies can benefit from greater storage and computing capacity, as well as the expertise of cloud service providers in areas such as IT management and security.

But the study notes that options for cloud adoption in low- and middle-income countries look very different from those in more advanced countries. While free cloud services such as webmail and online social networks are already widely used in developing nations, the scope for cloud adoption in low- and middle-income economies is much smaller than it is in more advanced economies. In fact, the gap in availability of cloud-related infrastructure between developed and developing countries keeps widening. Access to affordable broadband Internet is still far from satisfactory in developing nations, especially in the least developed countries (LDCs). In addition, most low-income countries rely on mobile broadband networks that are characterized by low speed and high latency and therefore not ideal for cloud service provision.

The report recommends that governments “welcome the cloud but tread carefully”. Within the limits of their resources, infrastructure such as costly data centres must be constructed; at present, developed economies account for as much as 85 per cent of all data centres offering co-location services.

The cloud’s pros and cons

In simple terms, cloud computing enables users to access a scalable and elastic pool of data storage and computing resources, as and when required. Rather than being an amorphous phenomenon in the sky, cloud computing is anchored on the ground by the combination of the physical hardware, networks, storage, services and interfaces that are needed to deliver computing as a service.

The shift towards the cloud has been enabled by massively enhanced processing power and data storage, and higher transmission speeds. For example, some central processing units today are 4,000 times faster than their equivalents from four decades ago, and consumer broadband packages are almost 36,000 times faster than the dial-up connections used when Internet browsers were introduced in 1993.

The potential advantages of cloud computing include reduced costs for in-house equipment and IT management, enhanced elasticity of storage/processing capacity as required by demand, greater flexibility and mobility of access to data and services, immediate and cost-free upgrading of software, and enhanced reliability and security of data management and services.

But there are also potential costs or risks associated with cloud solutions. The UNCTAD report mentions costs of communications (to telecom operators/Internet service providers) and for migration and integration of new cloud services into companies’ existing business processes, reduced control over data and applications, data security and privacy concerns, risks of services being inaccessible to targeted users, and risks of “lock-in” with providers in uncompetitive cloud markets.

Policymakers should waste no time in exploring how the cloud computing trend may affect their economies and societies, UNCTAD recommends. Countries need to assess carefully how best to reap gains from this latest stage in the evolving information economy. In principle, UNCTAD sees no general case for government policy and regulation to discourage migration towards the cloud. Rather, governments should seek to create an enabling framework for firms and organizations that wish to migrate data and services to the cloud, so that they can do so easily and safely. But government policies should be based on a careful assessment of the pros and cons of cloud solutions, and should recognize the diversity of business models and services available. The report underlines that there are multiple ways of making use of cloud technology, including public, private or hybrid clouds, at national, regional and global levels. Source: UNCTAD

Picture credit - Gismag.com

Picture credit – Gizmag.com

First came news from The Guardian that the NSA was collecting phone records from millions of Verizon customers under a top-secret government order:  “The National Security Agency is currently collecting the telephone records of millions of US customers of Verizon, one of America’s largest telecoms providers, under a top-secret court order issued in April.

The order, a copy of which has been obtained by the Guardian, requires Verizon on an “ongoing, daily basis” to give the NSA information on all telephone calls in its systems, both within the US and between the US and other countries.”

Then, in the last few hours, more layers were peeled back by The Washington Post:  “The National Security Agency and the FBI are tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio and video chats, photographs, e-mails, documents, and connection logs that enable analysts to track one target or trace a whole network of associates, according to a top-secret document obtained by The Washington Post.”

The story continues to list the companies who allegedly gave the US government unfettered access to customer data (emphasis is ours): “Equally unusual is the way the NSA extracts what it wants, according to the document: ‘Collection directly from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.”

According to a series of alleged PowerPoint slides obtained by The Washington Post, Microsoft was the first to join the program, in September of 2007. The most recent addition was Apple, in October of 2012. Dropbox is reportedly “coming soon.”

Interestingly, most of the companies named are responding to requests for comment by flat-out denying awareness or involvement. According to The Next Web, Facebook, Apple, Google, Microsoft, Dropbox and Yahoo have all denied participation. PRISM reportedly began collecting data in 2007, which means it was introduced under President Bush. However, The Washington Post says the program has experienced “exponential growth” under the Obama administration.

Video: The U.S. goverment is accessing top Internet companies’ servers to track foreign targets. Reporter Barton Gellman talks about the source who revealed this top-secret information and how he believes his whistleblowing was worth whatever consequences are ahead.

Video: The U.S. goverment is accessing top Internet companies’ servers to track foreign targets. Reporter Barton Gellman talks about the source who revealed this top-secret information and how he believes his whistleblowing was worth whatever consequences are ahead.

The slides reveal an annual budget of US$20 million for the program with data monitored by the program including e-mails, instant messages, videos, photos, stored data (presumably in the cloud), voice chats, file transfers, video conferences, log-in times, and social network profile details. Although the program is supposedly aimed at surveillance of foreign targets, such as spies and terrorists, and is intended to take advantage of the fact that most of the world’s data flows through the US, it is inevitable that data of US citizens is caught up in the mix. The NSA Powerpoint slides describe this as “incidental.”

It shouldn’t be too shocking that the US government spies on its citizens. What may be more surprising is just how far-reaching, and possibly unconstitutional, this program is. Perhaps the most significant part will be the fallout now that the secrets are out in the open.

Recent developments concerning customs data exchange via “cloud-type” mediums will therefore come under more scrutiny given current revelations in the US. It serves little purpose for countries to agree on data confidentiality and unwittingly (?) make such data available for ‘harvesting’ via third-party technology providers. Let this come as a fore-warning to governments.

Sources: The Guardian, The Washington Post, The Next Web, and Gizmag.

TKCThe first live demonstration of an end-to-end customs connectivity solution was successfully completed in Windhoek, Namibia on December 12, 2012. Customs Connectivity enables customs administrations from different countries to share information seamlessly and instantly across borders: reducing processing time and improving access to reliable, real-time trade statistics.

The demonstration was witnessed by the Commissioners of Botswana (BURS) and Namibia Customs (NRA), senior managers and operational teams. The demonstration involved moving information from an ASYCUDA++ entry in Botswana via the Cloud-based User Portal to an ASYCUDA++ entry in Namibia, and vice-versa from Namibia to Botswana. It demonstrated how clearing agents/traders would manage the flow of their information via the secure online User Portal.

The demonstration marked a “watershed moment” in turning Customs Connectivity into reality. The next steps for the pilot project include full system testing and documentation before end-user training commences. Full implementation is scheduled to take place during the first half of 2013.

Customs Connectivity offers countries in the region a historic opportunity to engage cutting-edge technology and modern tools to facilitate trade throughout Southern Africa, enhancing economic growth and promoting food security. The pilot project is being implemented by Botswana and Namibia, supported by the USAID Southern Africa Trade Hub. Source: SATH

Request – Perhaps some of the TKC clearing agents, NRA and BURS customs staff would like to comment on their experience thus far? 

Cliffe Dekker Hofmeyr offers an appraisal on the Working Paper on Cloud Computing – Privacy and Data Issues, recently published by International Working Group on Data Protection in Telecommunications. Although the guidelines detailed in the Working Paper are not mandatory, it appears that the intended approach to data protection in the cloud is one of uniformity, with a view to ultimately developing best practice based processing of personal information. It would be interesting to understand to what extent S ATrade Hub  and Microsoft, in conjunction with the Customs of Namibia and Botswana, considered any such guideline in regard to their cloud computing initiative on the Trans-Kalahari Corridor?

The recommendations under the Working Paper highlight some of the risks and complexities associated with cloud computing. The overreaching nature of the Working Paper will serve to ensure that there is no lowering of general data protection standards for processing personal data in the cloud. The Working Paper specifically advocates the following general recommendations:

  • Carrying out privacy impact and risk assessments prior to embarking on cloud computing projects.
  • Development of practices by cloud service providers to ensure greater transparency, security and accountability regarding information on potential data breaches; and also more balanced contractual clauses to promote data portability and data control by cloud users.
  • Research, third-party certification, standardisation, privacy by design technologies and other related schemes in order to achieve a desired level of trust in cloud computing.
  • Legislative reassessment of the adequacy of existing legal frameworks allowing cross border transfer of personal information and consideration of additional privacy safeguards.
  • Accounting for independent audit trails with regards to the location of the personal information. Continuity in the provision of information by data controllers to privacy and data protection authorities. These recommendations are aligned to the general principles set out in the European Union and Safe Harbor data privacy frameworks.

The Working Paper also provides more specific recommendations, on ‘best practice’, ‘controllers’, ‘cloud service providers’ and ‘auditing’. These specific recommendations contemplate the implementation of technical measures that can be used to determine the exact physical location where personal information is held and stored, with an audit trail specifying any copying and/or deletion of personal information. In addition, the Working Paper includes a suggestion for encryption of all personal information (both at rest and in transit) and also recommends the conclusion of agreements between data controllers and cloud service providers to expressly designate and limit the physical locations where personal information will be processed. The Working Paper specifically provides that the cloud service provider should not be entitled to use personal information in the cloud for its own purposes.

It is likely that significant steps will need to be taken by cloud service providers in order to comply with the recommendations under the Working Paper and/or applicable data protection laws, which may potentially require substantial financial resources, including for procuring and implementing the appropriate technology required to give effect to the recommendations and/or laws.

In the South African context, the principles under the current draft of the Protection of Personal Information Bill(PPI) (in particular, the provisions which relate to the conditions for lawful processing of personal information and transborder information flows) can be aligned to the recommendations under the Working Paper. The real test for cloud service providers and their customers will however be in the practical implementation of the principles under PPI. Many of the recommendations under the Working Paper will serve to provide guidance in this respect, particularly in the measures which need to be implemented to maintain a level of transparency in the supply chain of personal information in the cloud. Source: www.cliffedekkerhofmeyr.com

RELATED ARTICLES

From April 12-13, Southern African Trade Hub (aka USAID) presented Single Window as a cutting-edge tool for trade facilitation to the Ministry of Industry and Trade, Ministry of Finance, Customs and other private sector organizations, explaining how a NSW for Namibia could improve the Trading Across Borders index ranking, which currently stands at 142 out of 183 countries. Single Window is a crucial instrument that will eliminate inefficiency and ineffectiveness in business and government procedures and document requirements along the international supply chain, reduce trade transaction costs, as well as improve border control, compliance, and security.

Benefits for Government: A Single Window will lead to a better combination of existing governmental systems and processes, while at the same time promoting a more open and facilitative approach to the way in which governments operate and communicate with business. Traders will submit all the required information and documents through a single entity, more effective systems will be established for a quicker and more accurate validation and distribution of this information to all relevant government agencies. This will also result in better coordination and cooperation between the Government and regulatory authorities involved in trade-related activities.

Benefits for trade: The main benefit for the trading community is that a Single Window will provide the trader with a single point for the one-time submission of all required information and documentation to all governmental agencies involved in export, import or transit procedures. As the Single Window enables governments to process submitted information, documents and fees both faster and more accurately, traders would benefit from faster clearance and release times, enabling them to speed up the supply chain. In addition, the improved transparency and increased predictability would further reduce the potential for corrupt behaviour from both the public and private sector.

If the Single Window functions as a focal point for the access to updated information on current trade rules, regulations and compliance requirements, it will lower the administrative costs of trade transactions and encourage greater trader compliance. The Permanent Secretary for the Ministry of Industry and Trade underscored the need for Namibia to proceed with the Single Window concept, and advised participants that his Ministry, together with the Ministry of Finance, would jointly package the Single Window concept and submit it to Cabinet for Government approval.

In Southern Africa, Mauritius already has an effective Single Window, which is reflected in its “Trading Across Borders” ranking of 21. Mozambique recently launched its pilot Single Window. SATH will support and facilitate the processes for the establishment of a Botswana National Single Window system to streamline cross border trade. The current SATH Trans Kalahari Corridor (TKC) Cloud Computing Connectivity program, which is being piloted between Botswana and Namibia, provides an ideal technology platform for linking Botswana and Namibia Single Windows, leveraging the investment by BURS, Namibia Customs and SATH to date in the development of this system. SATH is currently in the process of gauging support for National Single Window in South Africa.

Excuse my cynicism, but the SA Trade HUB  has yet to demonstrate the viability of its Cloud Computing solution between Namibia and Botswana Customs. What is reported above is the usual sweet and fluffy adjectives which accompany most international customs and trade ICT offerings, ignoring prerequisite building blocks upon which concepts such as Cloud and Single Window may prove beneficial and effective. Past project failures in Africa are usually blamed on the target country in not bedding down or embracing the new process/solution – never the vendor. Given the frequency of technology offerings being presented by donor agencies on unwitting national states, there seems little foreign interest in ‘bedding down’ or ‘knowledge transfer’ than the ‘delivery of expensive technology’.

Related articles and references

FTW Online recently published an update on recent developments occurring along the Trans-Kalahari Corridor (TKC). It suggests that customs systems throughout the SADC region could soon be talking to each other through the Internet, if the pilot project between Namibia and Botswana is successful. During July 2011, the Southern African Trade Hub unveiled a plan to initiate a pilot programme to link the ASYCUDA systems of Namibia and Botswana via Microsoft’s Cloud Computing technology. Both Microsoft and USAID are partners in this initiative seeking to enable the two customs systems to communicate with each other through a secure portal. View the keynote presentation at the 2011 World Customs Organization IT Conference and Exhibition – Seattle, Ranga Munyaradzi (SATH) and Namibian Customs Commissioner, Bevan Simataa, were invited on-stage to elaborate on this initiative – click here!

According to Oscar Muyatwa, executive director of the Trans-Kalahari Corridor Secretariat, the initiative holds the prospect of opening up African opportunities in the United States for exports, as it is being supported by USAID as part of the African Growth and Opportunities Act (AGOA). Both Namibian and Botswana Customs officials are to be trained in Cape Town over the next few months. The TKC Secretariat believe this initiative will bring about its vision of a ‘automated corridor’. Further ahead the TKCs envisages the establishment of One Stop Border Posts (OSBPs) to reduce border dwell and transit times. Muyatwa says ‘The ‘cloud’ will maintain vast volumes of transit data that will assist future planning along the corridor as well as revenue and budgeting forecasts’. Source: FTW Online.

Comment: lest there be any confusion amongst Customs users, traders and carriers, the concept of cloud computing in the Customs sphere is very ‘clouded’ at this point. What needs to be considered is the ‘ownership’, rights to ‘access’ and ‘integrity of use’ of such information. Furthermore, as this is a first-of-its-kind initiative (in Africa at least); it would be highly recommended that the participants and developers ‘share’ details of the approach with other SACU members in order to better understand the programme. Up to this point it is very unclear how the developer has gone about the integration of customs information, for instance, since ‘users’ have not been fully involved in the scope, proof-of-concept or design of the system. 

Related articles

The following article is very pertinent to any organisation or group considering cloud computing. Soft-marketing tends to delude would-be users into believing they will have full control over their data, and as such, is fully secure. Even in the international Customs and Border Management space there is lots of talk on this subject, yet very little substance. Unfortunately, organisations and individuals are slaves to the technology they use which fashions not only their work ethic but attitudes as well. It is no longer true that technology is a ‘tool’. More time and money is spent these days on technology choice than on training and education. In fact technology is so important it influences law-making and business operations, rendering human discretion obsolete in many instances. Therefore it is imperative that organisations involve business and legal experts in their systems development. 

The recent spate of hackings and electronic security breaches serves to highlight the endemic threat and associated cost of cyber crime. Globally, organisations are forced to reconsider their cyber security measures as cyber criminals become more audacious and technologically innovative. Crimes can take place in both the physical and the electronic medium, with the possibility of technology infrastructure being used as both a “subject” and an “object” of a crime.

The criminal justice system faces a number of challenges in the successful prosecution of cyber crimes. While the Electronic Communications and Transactions Act of 2002 does create a framework for criminalising cyber crimes, including hacking, it does not provide any concrete preventative measures to combat cyber crime. The technical and often remote nature of cyber crimes, including multi-jurisdictional issues where cyber criminals are operating abroad, often prevents prosecutors from being able to present viable cases and bring cyber criminals to book.

Fortunately, the South African government has acknowledged that more proactive measures are required to address the scourge of cyber crime. Cabinet has recently approved a National Cyber Security Policy published by the Department of Communication. The policy creates, among other things, a platform for the creation of a number of structures that would be responsible for analysing and responding to the threat of cyber crime with the ultimate objective of mitigating the effects of cyber crime in South Africa. The State Security Agency has been tasked with responsibility and accountability for the implementation of cyber security measures. It is hoped that this policy and the measures it intends to implement results in the prevalence of cyber crime in South Africa being effectively addressed and countered. Organisations should, in addition to any measures being taken by government, continue to carefully assess their cyber security measures proactively, including by implementing robust systems, particularly in instances where personal data is processed (which includes the collection, recording, transferring or storing of such personal information). The Protection of Personal Information Bill requires the implementation of “appropriate” security safeguards where an individual’s personal information is processed. What will be considered appropriate will need to be determined on a case by case basis and with reference to steps taken in foreign jurisdictions, which may provide guidance in interpreting this requirement.

On account of the fact that there is no way to precisely document the far reaching effects of cyber crime, individuals, organisations and government must ensure that a more cautious and prudent approach is adopted to manage security in any electronic environment. Source: SAPA

WCO - Globally Networked Customs

With the WCO Council Sessions later in June this year, it is opportune to discuss perhaps one of the single most important developments in Customs Inc, the “Globally Networked Customs (GNC)” concept which aims to realize connectivity, data exchange, and cooperative work amongst the world’s customs administrations.

GNC is set to play a very important role in promoting trade facilitation, enhancing trade efficiency and safeguarding trade security; it will also greatly influence international rules and the development of the customs end-to-end operational process. By and large the SAFE Framework, WCO Data Model and the Revised Kyoto Convention provide specific standards for the development and implementation of national customs legal, procedural and automated systems. It is the GNC that will in future “industrialise” and harmonise Customs-2-Customs (C2C) information exchange requirements which underpin a country’s bilateral and multilateral trade agreements.

Briefly the need for GNC arises from the exchanges of information underpinning International Agreements in the commercial domain. These take time and are costly to implement. They are all different from each other creating diversity both for Members and trade. This is because each one of these agreements is built anew, handcrafted and tailor-made to meet the needs at hand. This approach will not scale up and countries broking an increasing number of International Customs Agreements are already encountering difficulty to maintain their delivery plan in line with their international policy ambitions. Below you will find links to 2 documents explaining the GNC. More information on the GNC will be provided once approved by the WCO’s Policy Commission later on in June 2012. Source: WCO.

Related articles

Officials at the Ethiopian Revenues & Customs Authority (ERCA) have made a turnaround on their earlier plan to compel IT companies to raise 20 million Br in capital if they are to be registered to supply devises for electronic cargo tracking. Troubled by an increasing practice of pilfering goods on the Addis Abeba to Djibouti transport corridor, the ERCA hired an US-based company for 2.5 million dollars to establish an electronic monitoring system. HI-G-TEK developed the system using Radio Frequency Identification (RFID), which will help customs officials get real-time information on the activities of trucks to and from Djibouti port. There are around 10,000 trucks with varying carrying capacities, of which half are fuel transporting vehicles. A trucking company has to pay around 20,000 Br, including installation fees, to get the devices in each truck under its fleet.

The US company has installed the system in the six selected stations along the corridor and trained around 30 officers of the Authority. However, the system is yet to be functional, for every truck on the highway should be fitted with electronic tracking devices to be supplied by IT vendors certified by the Authority. In order to be certified, a company is required to have 20 million Br in capital, produce a performance bond worth two million Birr, and have a five-year contract with major IT suppliers, according to the directive issued by the ERCA to regulate the new system. No vendor has been certified, yet, for many see the requirement to raise such lofty capital as an impediment. So far, GCS Tracking Plc, Global Tracking Plc, Ramsea Industrial Solution Plc, and FC Tracking are the companies that have applied to get into the business. The companies are to supply the seals, locks, and compact readers as well as GPRS modems to identify locations of the cargoes.

Subsequent to complaints from the IT industry, legal experts at the ERCA are busying themselves, studying the experiences of other countries, which they hope will be used for possible amendments. However, these experts are divided over the proposition to reduce by half the current capital requirement, while others argue that a performance bond is enough, according to sources. Surprised to hear about the amendment, Zelalem Dagna, managing director of Global Tracking Plc, sees the change as an appropriate move by the ERCA. However, he still claims that the requirement for a two million Birr performance bond should not be removed but be determined on a project basis.

Officials at the ERCA, which is enforcing the current requirements, however, declined to comment. The Authority is also negotiating with the Ministry of Transport (MoT), which is implementing a fleet management system that will also monitor and indicate the whereabouts of trucks, negotiating with the Authority to interface the two systems. Most of the devices used for both systems are the same, thus can run with a single subscriber identification module (SIM) card, transferring all data for the respective institution, according to an electrical engineer at the ERCA. He is concerned that failure to interface the systems would allow transport companies to jack up prices, which he fears would trickle down to the end user.

By all accounts it seems like the initiative was launched on impulse and a whim without prior consultation with stakeholders. Per usual it’s the consultants who have scored out of this. Source: Addis Fortune