Yesterday, I did a first in a series of talks on over four decades of internet security policies. A tedious piece of research, that I don’t think anyone has done before. It’s a cornerstone of my thesis, and I’m currently finishing a draft chapter/paper on the topic under the same title – borrowing names from Pink Floyd seems to become a tradition of sorts.
So here’s my slides for the 27 March Cyberscholars Working Group at Harvard’s Berkman Center [pdf]. The talk was aimed to be 15 minutes long for a small and general audience, so obviously it’s a bit shallow. Questions, feedback, all more than welcome! I hope to get the paper out by the end of April. The abstract:
In the last two decades or so, two distinct claims to security have competed for attention in internet policy: a technical conception rooted in computer science theory since the 1970s, and the ‘cybersecurity’ concept that emerged in the U.S. political arena of the 1990s. Today, policymakers, intelligence officials, researchers and activists alike have welcomed the latter in their vocabulary. But from its inception, ‘cybersecurity’ was aimed at economic and political exploitation by securitizing stakeholders, effectively enabling them to paint security in any colour they like. Even after the Snowden revelations, the U.S. government has been successful in securitizing the internet with calls to monitor all traffic to counter “the imminent cyber-threat” — serious implications for open innovation, user rights and democracy notwithstanding.
To better understand the two claims to ‘security’, this paper comprehensively maps four decades of internet security conceptualizations in five security policy cycles: network and information security, data protection, telecommunications, encryption, and cybercrime. The historical analysis enables identification of the underlying values at stake, the protection offered through existing laws, and the formulation of a research agenda for computer science, political theory and legal research.