The Center for Internet and Society at Stanford Law School is a leader in the study of the law and policy around the Internet and other emerging technologies.
Data’s intangibility poses significant difficulties for determining where data is located. The problem is not that data is located nowhere, but that it may be located anywhere, and at least parts of it may be located nearly everywhere. And access to data does not depend on physical proximity.
This article examines the challenge facing cyber intelligence analysts who have to explain threat information and analysis to non-technical consumers, like executives or law enforcement. It explains why these challenges are common, but are often more pronounced in state and local government contexts. Finally, it proposes a conceptual framework to think about the tradeoffs such analysts face, examines similar challenges in other policy areas, and offers strategies for communicating threat information effectively under various constraints.