For years I have been researching the intersection of technology and politics. One recent thought provoking book is “The New Digital Age” by the Executive Chairman of Google, Eric Schmidt, and Jared Cohen, Director of Google Ideas, its internal Think Tank.(259) The backgrounds and experience of the authors are impressive without question, however their work in this book pontificates about a future, which I am hard pressed to think they personally believe would ever come true. I make this assertion because they both in writing this book must have known about these surveillance programs, which if unchecked would completely undermine almost, if not, everything they predict. They either willfully relied on the “hope strategy” that some day things would change and there was little they wanted to do, or could do, because they were both personally restrained by the National Security Letter requirements of the NSA. It is my contention though in the future that I would be more willing to pay actual money for Google’s valuable services and others like it, rather than pay with my information.
Regardless, I believe in at least one meaningful way they did do everyone a favor. They briefly mention that Multi-Factor Authentication, in other words event driven security architecture, is rapidly becoming the unofficial standard for securing the user accounts within digital systems.(260) While no system is 100% secure, event driven security architecture based on artificial intelligence concepts is the most secure because it solves the two main problems of Internet security systems, cost and complexity which I will address in Part 3 of this research blog.(261) A reasonable argument for why Mr. Schmidt and Cohen didn’t express any confidence the future they envision would be secure is most reasonably due to a sufficient lack of taxonomy among event driven security systems in the industry. Security is a “suitcase” term, meaning every technology company has a suitcase they call security, however what they put in that suitcase, and how they make decisions with that information, is completely different. All things being equal, they are all not sufficiently secure from theft and illicit use. Creating a standardized approach to understanding the correlation between fraudulent account and fraudulent activity within a system based on a weighting of confidence and trust would go along way both in terms of stemming cyber crime and enabling explicit rules of law to be written based off the standard.(262) This in my humble opinion is our passport to the new and more secure digital world we have collectively earned. It is everyone’s personal responsibility to know and protect thy digital self, because nobody is quite like you.
The future of U.S. Cyber Strategy
Can the U.S. implement an effective cyber security apparatus without the cooperation of other countries? Prior to the exposure of the NSA programs, it could have reasonably been argued the answer to this question was ‘yes’. Knowing what we do now, and what we will probably learn in the near future about other programs within the U.S. National surveillance apparatus, the answer in my mind is clear. No. The likelihood of an effective cyber security apparatus without international cooperation is low and will only alienate the U.S. more with its allies, acquaintances, and its enemies in the international system.
Coincidentally, on June 6th 2013, the same day the Guardian and Washington Post broke the initial story on the NSA story, the Council on Foreign Relations published a Task Force Report titled “Defending an Open, Global, Secure, and Resilient Internet”.(263) This report makes the Council on Foreign Relations also look like an extension of the U.S. National Surveillance apparatus because the findings and recommendations support and enhance how the current, unconstitutional and immoral system is being operated. I am hard pressed to believe that anybody on or closely affiliated with the council and this prestigious blue ribbon task force, didn’t know about these surveillance programs. On June 30th, 2013, the Washington Post and The Guardian newspapers released more information regarding U.S. national surveillance.(264) It was reported the NSA had been spying directly on its allies and of course it enemies.(265) Any realistic government probably does not think this is a shocking revelation. There is no such thing as a permanent friend or permanent foe in geopolitics, just permanent alliances of mutual interest. The Council on Foreign Relations would probably say that espionage and subterfuge are just the name of the game based on their report. However, what was shocking is the exposure of just how tightly integrated the NSA “prism” program is with the private sector information and communications companies. The NSA and CIA are not chartered to focus their efforts on the U.S. Domestic U.S. affairs is overseen by the FBI, and under the FISA courts the FBI is the organization that is collecting the data directly from the companies and passing it along to the NSA. There is a lot to say about this.