Last week, the White House confirmed that Todd Park is stepping down from his position as the country’s second Chief Technology Officer to move back to Silicon Valley, though he’ll remain connected to the administration. The latest news indicates that Google executive Megan Smith is a top candidate for his replacement. This Silicon Valley/Washington, DC crisscrossing, although rare, is a welcome development, and it comes at a time when the Washington establishment – Republicans and Democrats alike – is becoming increasingly known for its lack of technical acumen. The divide between those who are tech savvy and politically savvy is not only geographic, but is also perpetuated by industry and academic stovepipes. This is especially true in the cyber realm, an area that has vast technical and political implications but where the two communities remain separated by geography, disciplinary jargon, and inward-focused communities.
It’s a safe bet that I was the only person to attend both Black Hat in Las Vegas and this past weekend’s American Political Science Association Annual Conference in Washington, DC (perhaps best known now for the disruptive fire at the main conference hotel). If anyone else attended both, I’d love to talk to them. For the most part, I was struck by how little acknowledgement was given to cyber at APSA and how little Black Hat addressed the impact of the foreign and domestic policy issues that greatly impact the future of the cyber domain. Each conference should continue to focus on its core expertise and audience, but the increasing interconnection of cyber and policy can’t continue to be brushed aside. For its part, Black Hat had exactly three policy-related presentations out of roughly 120, and that is based on their own coding schema, which seemed accurate. APSA didn’t do any better – three panels had ‘cyber’ in their title, three had ‘Internet’, and maybe two dozen had ‘digital’, although these really only used it as a synonym for the modern era and had nothing to do with technology. To put this in context, APSA generally has over 1000 panels, and the theme this year was “Politics after the Digital Revolution.”
Why does this even matter? During one of the APSA panels (one of the three that addressed cyber), an audience member asked what political science has to do with cyber studies. I viewed this question as similar to someone in the 1950s asking what political science has to do with nuclear engineering. Clearly, they are distinct domains with distinct experts, but policymakers (and those informing them) cannot simply ignore major technological breakthroughs. Especially in the cyber domain, policymakers currently employ cyber statecraft as both sticks and carrots, but lack a body of literature that explicates the impact of these relatively new foreign policy tools. Similarly, engineers and computer scientists focusing on cyber security may find themselves increasingly affected by legal and political decisions. In fact, based on the surprisingly large attendance I saw at the panels on policy at Black Hat, the tech community seems quite aware of the large impact that policy decisions can have on them.
There is room for cautious optimism. At Black Hat, I attended a panel on “Governments as Malware Authors”. It was an interesting, tactical overview of various malware attacks by a range of governments, many of which were not the usual suspects. Similarly, the APSA panel on “Internet Politics in Authoritarian Contexts” provided a great overview of the myriad ways in which authoritarian regimes employ a diverse range of cyber tools to achieve their objectives, including censorship and DDoS attacks. These two panels covered many similar topics, but with strikingly different methodological approaches and data. It would be phenomenal to see these two groups on one panel. I’d argue that panel would produce exactly the kind of information policymakers could actually use.
Similarly, at the beginning of an APSA panel on “Avoiding Cyber War”, I met one of the panel members. When he learned I worked at a tech company, he quietly admitted, “I’m not a political scientist, I’m really a hacker.” To that, I responded, “I’m not really a hacker, I’m a political scientist.” It would be wonderful to see these two perspectives increasingly collaborate and explore each other’s main venues for intellectual innovation. This small but impactful step could finally provide policymakers the insights and technological information that could help improve the glut of tech acumen within the policy domain. The tech community also must be increasingly willing to contribute to the national debate on all of the technology issues that will continue to impact their lives and businesses.
Next year, APSA will be in San Francisco, which presents an exciting opportunity for this kind of collaboration. It would be great to see more panels featuring technology, and more specifically, new analyses of cyberspace and statecraft. Of course, short of a miracle, APSA will have to work on some marketing for that to happen. I, for one, welcome the day when APSA abandons the nylon Cambridge University Press bags it gives away in favor of an APSA sticker or decal that political scientists (and maybe even an engineer or two) can proudly exhibit on their Macs.