The Twitter hack, compromising the accounts of some of the most prominent people on the website, was a reminder of the growing salience of cybersecurity.
Everyday, the news carries word of such data security breaches, debates over use of facial recognition technology, and the growth in cyber conflict.
这些事件证明了公司环境中网络安全关注及其更广泛的社会影响的证据。安全和隐私问题涉及大范围。
The standard reading is that incidents like these require ever ‘more’ technology, in volume, capacity, sophistication, and ubiquity.
Our最近的工作指向a不同的阅读。
We contend that these incidents chronicle a foundational shift in the relationships between firms, individuals, data and regulatory capacity, often across borders – and hence require a rethink of how state actors and firms engage emerging technologies.
As the prominence and centrality of large technology firms in economic activities and in civic and political life grow, their relevance to core areas of state affairs of sovereignty and security also increases. Governments, in short, are no longer the only – or in some respects even the principal – players in the provision of national security.
这种情况需要改变思考各州如何调节新兴技术和对“技术”本身的相对权重,而不是组织技术影响的补充资产。现在熟悉的标签“网络安全”倾向于过分关注技术问题和解决方案,而不足以应对新的治理挑战。这些挑战需要政府参与者与私营企业之间的密切合作,以超越现有政策模型的方式。网络安全事件构成的威胁的全球性,系统性通常以侵犯民族边界的方式而不是尊重它们或由其包含的方式发生。
网络空间的扩展挑战了该州在政治和经济生活的治理和秩序中的传统统治地位。这种“主权差距”以两种主要方式显而易见。
首先,国家行为者不再是其他州交付国家安全的主要关注点。其他参与者,重要的大型科技公司和一些全球咨询公司的真实或潜在进攻能力意味着,国家安全计划现在必须考虑不仅来自其他国家,而且还来自私营部门的威胁。州经常必须与除最先进的州行为者外的所有能力和资源更大的能力和资源来管理网络挑战的公司。由于这些事态发展,“国家安全”本身是一个动议的术语,在政策和实践中产生了新的议程 - 在公司领域,促使“企业外交”作为大公司的重要新能力。
Second, governments can no longer take for granted their ability to protect national and economic security against all relevant threats. From infrastructure protection to encryption to data collection and analysis, the work of private companies provides the primary and sometimes superior line of defence against cyber threats. This in turn raises still further challenges in how and in what ways tech firms collaborate with government actors. Never before in modern history has national security provision relied so much on the private sector capacity and deep tech expertise as in the current era.
州对sovereignt作出了回应y gap by pushing back against the private sector’s growing relevance. The case of information threats travelling via social media, for example, is instructive here. Social media companies such as Facebook and Twitter are the first line and primary players in attempts to fend off外国虚假信息运动that seek to sow division and discord within democracies or that seek to undermine public confidence in the legitimacy of electoral outcomes. Their public records on this work do not inspire. And over time these ‘platform’ companies remain under-regulated by virtue of debates in the division of regulatory labor: Is Facebook a media company or a private information platform? The answers to that question are plural, and they implicate different regulatory agencies and policy models. There are differences of degree between the US responses and those of the European Union; both are still preliminary.
这些解决情况的努力并没有快速或迅速。在美国总统选举年,这个问题是政策制定者和商业主管的持续关注。在最近的英国议会选举和其他十几个国家案件中,也出现了同样的问题。这个小插图提醒我们,这里的主要问题不是更有效的法规,而是新的见解和新的政策模型,即国家如何和应管理这一“主权差距”。
Another concern involves the controversial use of facial analysis technology in policing. Amazon recently announced that it will暂停该技术的使用在美国,由于对种族和算法中的其他偏见的关注。没有明确的监管框架来管理这一技术应用,事实上,这是通过内部工人的抵制和对政府合同的挑战来实现的,流行媒体动员以及其他此类“非正式”(和不均匀)的响应来源。具有讽刺意味的是,法规的设计要求将其技术受到监管的公司参与(美国国会代表目前正在咨询亚马逊;欧盟政策制定者正在与公司对话。
这些案例说明了治理挑战不仅在国内层面,而且在国际环境中也提出了挑战。优先考虑国家优先考虑的联合国政府专家(UNGGE)等常规治理机制,由于大国外交分歧,并且由于相关私人参与者在很大程度上缺乏讨论而努力制定可接受行为的规范。旧式政策场所的重点是民族国家。新一代的政策论坛努力应对新形式的代表和会员资格。
These examples highlight both the timeliness and analytic value of tools from international relations and regime theories to understand and solve these challenges. This approach points to how regimes structure both attention to these challenges and the available policy solutions. Standard IR regime theory on build an analysis by focus on relevant actors, principles and rules, and decision criteria. We find that much of the regulatory capacity, tools, and rules in the cyberspace are drawn by analogy from other incumbent technologies and industries. This is consistent with findings of the histories of technology and innovation.
The core point is that emerging cyber technologies have altered the balance of capacity and influence between state actors and corporations in core areas of national and international life. Although information about government capacity and practices in this space is often classified, much data exists in the public domain with which to evaluate international norms construction, social media information campaigns, and technology assisted policing.
网络能力发展所带来的主权差距的增长表明,“为什么”我们需要以明确关注国际关系和治理制度来丰富标准技术战略和网络研究。这些研究表明了“如何”的起点。我们的挑战是更充分地了解这些问题,这些问题最初表现为“技术”问题。并以这种更全面的理解为支持,我们可以指导有关这些新兴,社会塑造技术的力量,影响和命运的政策的制定。因此,我们可以为业务领导者提供更强大的律师。
这项研究智慧的好处与政策和实践有关:充分欣赏一个“案件”或事件以外的网络安全和技术治理的挑战,需要协调,纪律严明的询问。任何单一学科的优点都是专门的重点 - 无论是计算机科学还是管理研究还是政治科学。此外,任何单一观点都可以最终解决技术问题的想法是假定工程师和计算机科学家,私人公司或政府的管辖权至关重要。这里必要的知识项目是融合这些观点。因此,我们努力构建一项研究计划,该计划从“学科国会”开始,该计划将国际关系理论和全球事务与技术理解和管理研究联系起来。
The issue for practice is to experiment with the idea of corporate diplomacy and to explore new ways for tech firms and governments to work together – and also to specify correctly the differences and conflicts. We need urgently an era of experimentation to develop new kinds of capacity and new kinds of collaboration – and a generation of leaders in both venues with experience in this work.
网络威胁是与技术相关的新兴挑战类别的类别,这使得新一代综合,多学科研究,政策和实践的需求。这些解决方案不能遭受一个被隐居世界的限制。也不应引起他们的学术询问。
