Blog

Tool Without A Handle: Cybersecurity Paradoxes

I discuss here two illustrative cases of paradoxical puzzles in cybersecurity:

1) To reduce failures, aim at having some failures;

2) To get better international cybersecurity, have fewer rules and limit prosecutorial-type enforcement.

First, to reduce failures, don't aim at a state where there are no failures. More sophisticated approaches to cybersecurity embrace paradox (or, if you will, irony). One salient example is the concept of “zero trust,” where, in effect, cybersecurity never sleeps. Additionally, a state of perfect security would breed complacency. Preferable to have imperfect security, where skirmishes lead to vigilance, and modest occurrences of failure cultivate determination.

Second, while rules and enforcement are important parts of any cybersecurity program, in dealing with nation-state actors who may not be subject to U.S. domestic law enforcement (akin to dealing with quantum particles that do not observe Newtonian laws of physics), it's often preferable to aim at somewhat ambiguous principles which enjoy broad consensus than to aim at rules and enforcement.

Facebook, Google & Big Telecoms Want to Keep Violating Net Neutrality in Europe. Regulators Should Stop Them.

The E.U.’s top telecom regulator BEREC is set to issue new net neutrality rules, after the European Court of Justice found that discriminatory zero-rating plans such as T-Mobile’s StreamOn and Vodafone’s Pass violate Europe’s net neutrality law.

On Remote Driving

The Law Commission in the United Kingdom recently completed its massive study on domestic legal reform for automated driving. As the UK government works to implement the study’s thoughtful recommendations, the Commission’s experts are now turning to the topic of remote driving. I’m happy to offer a few thoughts.

First, “remote driving” encompasses a range of scenarios.

The remote human might be:

My Senate Testimony About Platform Transparency

This week I participated in an unusually collegial and productive Senate hearing about approaches to platform transparency, presided over by Senator Coons. My detailed written testimony, including appendices listing other resources and attempting to identify platforms potentially covered by proposed laws, is here. It captures a lot of detailed questions and concerns that I have been thinking about for a while, but not had time to write about anywhere else, including about surveillance issues.

What Does the DSA Say?

People keep asking me what the EU’s new Digital Services Act (DSA) says. So far, I have not found overview materials that seem like the right match for people unfamiliar with the EU legal and policy landscape. So here is my own very quick and dirty rundown.


User Privacy vs. Platform Transparency: The Conflicts Are Real and We Need to Talk About Them

This post is about what I consider one of the hardest questions, particularly under laws that create special data-access regimes for researchers. What data are platforms supposed to share, and what personal information will it disclose about Internet users? This question pits privacy goals against data-access and research goals. A strongly pro-privacy answer will curtail research into questions of great public importance. A strongly pro-research answer will limit users’ privacy rights. In between lie a lot of difficult calls and complex trade-offs.


Subscribe to Stanford CIS Blog