Over the last decade, a sophisticated and lucrative industry has sprung up that puts potent surveillance and intelligence capabilities in the hands of a wide range of private actors. Clandestine ...influence operations, targeted espionage against civil society, and political subversion—an organized activity whereby the decay of legitimate political institutions is deliberately and surreptitiously seeded—are easier to undertake than ever before. At least three contingent factors have combined to create conditions for subversion to become more widely practiced: 1) neoliberal globalization; 2) the rise and spread of businesses that offer private intelligence, surveillance, and "black ops"; and 3) the digital communications environment. Liberal democracies need to bring greater transparency, oversight, and public accountability to their own clandestine, law-enforcement, signals, and other intelligence agencies. If subversion continues to flourish unchecked, then the rule of law, public accountability, and even the scientific research necessary for our very survival in the face of these risks will suffer.
Public and academic knowledge of cyber conflict relies heavily on data from commercial threat reporting. There are reasons to be concerned that these data provide a distorted view of cyber threat ...activity. Commercial cybersecurity firms only focus on a subset of the universe of threats, and they only report publicly on a subset of the subset. High end threats to high-profile victims are prioritized in commercial reporting while threats to civil society organizations, which lack the resources to pay for high-end cyber defense, tend to be neglected or entirely bracketed. This selection bias not only hampers scholarship on cybersecurity but also has concerning consequences for democracy. We present and analyze an original dataset of available public reporting by the private sector together with independent research centers. We also present three case studies tracing reporting patterns on a cyber operation targeting civil society. Our findings confirm the neglect of civil society threats, supporting the hypothesis that commercial interests of firms will produce a systematic bias in reporting, which functions as much as advertising as intelligence. The result is a truncated sample of cyber conflict that underrepresents civil society targeting and distorts academic debate as well as public policy.
A “national security–centric” approach currently dominates cybersecurity policies and practices. Derived from a realist theory of world politics in which states compete with each other for survival ...and relative advantage, the principal cybersecurity threats are conceived as those affecting sovereign states, such as damage to critical infrastructure within their territorial jurisdictions. As part of a roundtable on “Competing Visions for Cyberspace,” this essay presents an alternative approach to cybersecurity that is derived from the tradition of “human security.” Rather than prioritizing territorial sovereignty, this approach prioritizes the individual, and views networks as part of the essential foundation for the modern exercise of human rights, such as access to information, freedom of thought, and freedom of association. The foundational elements of a human-centric approach to cybersecurity are outlined and contrasted with the prevailing trends around national security–centric practices. A human-centric approach strives for indivisible network security on a planetary scale for the widest possible scope of human experience, and seeks to ensure that such principles are vigorously monitored and defended by multiple and overlapping forms of independent oversight and review.
Nearly every aspect of our life is impacted by digital technologies manufactured and sold by companies. Legislative frameworks to limit the harms of such technologies have been slow to develop and ...remain entangled in controversy. 1 The expanding role of digital technologies has been accompanied by a disturbing descent into authoritarianism in many countries that is also, in part, fueled by these very same tools. 2 The decline of liberal democratic institutions is said to be linked to various properties of the digital ecosystem—from security flaws in popular applications used by states to engage in covert and remote surveillance 3 to the development and exploitation of social media algorithms that push violent and divisive content. 4 There is no doubt, then, that digital accountability research—which we define as evidence-based research seeking to track and expose risks to civil society in the digital ecosystem—is critical. This essay highlights the legal and ethical challenges faced in digital accountability research and concludes that a comprehensive and global ethical framework for such research is a critical step forward. As legal frameworks and norms continue to shift with respect to digital accountability research, such collaborative, international norm-setting would help ensure that digital accountability research continues.
States are moving to assert their interests more forcefully in cyberspace and associated governance regimes. Traditionally, transnational networks of engineers, based primarily in the United States ...and Europe, have been the primary architects of cyberspace governance, with the users and private sector shaping cyberspace itself. However, governments are becoming increasingly influential across a number of governance forums and are deliberating on how to exercise power in and through cyberspace. Particularly noteworthy are how nondemocratic states outside of Europe, North America, and parts of Asia have begun to forcefully assert their interests in cyberspace governance regimes, including some, like the International Telecommunications Union, that were previously marginalized in the Internet space. Western liberal democracies are also moving away from laissez-faire and market-oriented approaches to more state-directed controls and regulations. Drawing from international relations theory literature, and in particular constructivist approaches, this article examines international and global mechanisms and dynamics that explain the growth and spread of cyberspace controls. It also provides a study of "norm regression" in global governance: the growth and spread of practices that undercut cyberspace as an open commons of information and communication.
Abstract
The Internet and digital technologies have become indispensable in academia. A world without email, search engines, and online databases is practically unthinkable. Yet, in this time of ...digital dependence, the academy barely demonstrates an appetite to reflect upon the new challenges that digital technologies have brought to the scholarly profession. This forum's inspiration was a roundtable discussion at the 2017 International Studies Association Annual Convention, where many of the forum authors agreed on the need for critical debate about the effects of online surveillance and censorship techniques on scholarship. This forum contains five critiques regarding our digitized infrastructures, datafied institutions, mercenary corporations, exploitative academic platforms, and insecure online practices. Together, this unique collection of articles contributes to the research on academic freedom and helps to frame the analysis of the neoliberal higher education sector, the surveillance practices that students and staff encounter, and the growing necessity to improve our “digital hygiene.”
Conceptualizations of cyberspace security can be divided into two related dimensions, articulated as 'risks': risks to the physical realm of computer and communication technologies (risks to ...cyberspace); and risks that arise from cyberspace and are facilitated or generated by its technologies, but do not directly target the infrastructures per se (risks through cyberspace). There is robust international consensus, growing communities of practice, and an emerging normative regime around risks to cyberspace. This is less the case when it comes to risks through cyberspace. While states do collaborate around some policy areas, cooperation declines as the object of risk becomes politically contestable and where national interests vary widely. These include the nature of political opposition and the right to dissent or protest, minority rights and independence movements, religious belief, cultural values, or historical claims. The contrast between the domains has led to contradictory tendencies and paradoxical outcomes. Adapted from the source document.
While the rhetoric of cyber war is often exaggerated, there have been recent cases of international conflict in which cyberspace has played a prominent role. In this article, we analyze the impact of ...cyberspace in the conflict between Russia and Georgia over the disputed territory of South Ossetia in August 2008. We examine the role of strategic communications, information operations, operations in and through cyberspace, and conventional combat to account for the political and military outcomes of the conflict. The August 2008 conflict reveals some emergent issues in cyber warfare that can be generalized for further comparative research: the importance of control over the physical infrastructure of cyberspace, the strategic and tactical importance of information denial, the emergence of cyber-privateering, the unavoidable internationalization of cyber conflicts, and the tendency towards magnifying unanticipated outcomes in cyber conflicts – a phenomenon we call 'cyclones in cyberspace'.