Skip to main content

Tomorrow’s tech policy conversations today

Beech and oak trees grow in the city forest. For around 30 years, the trees in Lübeck's city forest have been allowed to grow as they please. Foresters only rarely intervene in the forest ecosystem. (to dpa-KORR.: "Lübeck forest concept should save forests and climate")
Beech and oak trees grow in a city forest in Lübeck, Germany. Concepts inspired by ecology have increasing relevance for debates regarding digital harms. (Marcus Brandt/dpa)

If we are ever to address effectively the harms and risks of digital technology, we first need the right language to describe the systems that collect, analyze, share, and store huge amounts of data about us as consumers, patients, and citizens—often with deleterious effects. Misinformation, attention extraction, discriminatory algorithmic profiling, and cybercrime: These digital harms all emerge from the data ecosystem in which we live, but not in ways we can fully see or explain.

Concepts and phrases inspired by ecology—like “information environment” and “social media ecosystem”—are beginning to reframe data and digital harms as parts of a greater whole and are inspiring a fuller understanding of how digital harms function. From the lifecycle of plastics, people have learned to form a holistic picture of consequences on a collective scale, and the concept of the “data lifecycle” can energize new ways of thinking about digital harms. The “data lifecycle” offers a way to break the complicated life of data into its component parts and to think of digital harms like we do externalities, such as air pollution, biodiversity loss, and chemical runoff. With a fresh metaphor, we can better understand the social costs imposed by goods and services in the data economy.

The sum of all data activities on planet earth might be called its “data metabolism,” which in 2020 created or replicated 64.2 zettabytes of data (1 zettabyte=10,000 gigabytes). Though the volume of data produced and consumed around the world is awe-inspiring, numbers offer only a limited understanding of the system. A qualitative representation of the system’s interrelated parts is also needed.

Read More

An E-CNY payment sign is put up on a desk in a store in the Luohu District in Shenzhen city, south China's Guangdong province, 11 October 2020.The Shenzhen municipal government announced a giveaway of ten million renminbi ($1.5 million) in central bank digital currency (CBDC). Fifty thousand people would receive the gifted money on a lottery basis in amounts of 200 yuan as part of the digital yuan tests and the trial was in the Luohu District. In accordance with the trial, about 3389 shops including restaurants and retail stores had updated and equiped system allowing eCNY payment in the Luohu District. As of 8p.m. on 11th October 2020, over 1.91million people participated in the lottery winning.No Use China. No Use France.
An E-CNY payment sign is put up on a desk in a store in the Luohu District in Shenzhen city, south China's Guangdong province, 11 October 2020.The Shenzhen municipal government announced a giveaway of ten million renminbi ($1.5 million) in central bank digital currency (CBDC). Fifty thousand people would receive the gifted money on a lottery basis in amounts of 200 yuan as part of the digital yuan tests and the trial was in the Luohu District. In accordance with the trial, about 3389 shops including restaurants and retail stores had updated and equiped system allowing eCNY payment in the Luohu District. As of 8p.m. on 11th October 2020, over 1.91million people participated in the lottery winning.No Use China. No Use France.
A sign advertising the ability to pay with E-CNY, China’s central bank digital currency, is seen at a store Shenzhen, China, on Oct. 11 2020. (Oriental Image via Reuters Connect)

The global currency market is facing digital disruption. Consumers around the world are flocking to cryptocurrencies, ushering in a more decentralized era in global finance. Governments are taking note and are rushing to develop central bank digital currencies (CBDCs)—digital forms of fiat currencies built on blockchain technologies. For now, the U.S. dollar remains king, but unless U.S. policymakers take decisive steps to adapt to an increasingly digital financial system, the United States risks losing the economic and geopolitical advantages afforded to it by the dollar’s dominance of the global financial system.

In responding to the growth of digital financial tools, the United States faces a classic “innovator’s dilemma” in which a dominant incumbent must respond to an insurgent innovator that threatens the incumbent’s position. The Biden administration is beginning to address this issue with the signing of a recent executive order directing U.S. government agencies to prioritize the development of policies to regulate digital assets and to examine the requirements and feasibility of launching a digital version of the dollar. But until a more comprehensive policy framework for digital assets is developed—a task likely to take years—U.S. policymakers must work to support the development of private-sector stablecoin alternatives to a Fed-issued digital dollar in order to adopt a more proactive mindset in countering challenges to the dollar’s dominance.

Read More

A man walks past a poster with an image of Russian president Vladimir Putin pained with the Russian Z sign used by the invading army and the word in Polish for 'evil' in Warsaw, Poland on 23 March, 2022. (Photo by STR/NurPhoto)NO USE FRANCE
A man walks past a poster with an image of Russian president Vladimir Putin pained with the Russian Z sign used by the invading army and the word in Polish for 'evil' in Warsaw, Poland on 23 March, 2022. (Photo by STR/NurPhoto)NO USE FRANCE
A man walks past a poster with an image of Russian President Vladimir Putin painted with the Russian Z sign used by the invading army and the word in Polish for ‘evil’ in Warsaw, Poland on March 23, 2022. (Photo by STR/NurPhoto)

In recent weeks, Russian officials and state media have seized on a fresh piece of disinformation to justify the invasion of Ukraine: that the United States is funding the development of dangerous biological weapons in Ukraine. This claim, which has no basis in fact, has not been confined to Kremlin propaganda. Popular podcasters in the United States have repeated and promoted it for their own purposes.  

Amid a reckoning over the role of podcasts in disseminating coronavirus-related misinformation, the promotion of this conspiracy theory by prominent American podcasters is the latest example of how podcasting has become a powerful and largely overlooked vector in the spread of mis- and disinformation. Over a 10-day period beginning March 8—when U.S. Under Secretary of State for Political Affairs Victoria Nuland said that the United States had provided funding to Ukrainian labs carrying out research to prevent the diffusion of harmful pathogens (not bioweapons)—13 popular political podcasters devoted segments in 30 episodes to the false theory that the United States had funded biological weapons research in Ukrainian labs. 

As the notion that the United States funded biological weapons development in Ukraine spread from fringe QAnon groups to Fox News, podcasts appear to have played a key role in facilitating its proliferation while at the same time mostly escaping scrutiny. The nature of podcasting makes oversight challenging, but the rapid growth of the medium suggests that this is a set of challenges that requires urgent attention from policymakers considering how to guard against disinformation. 

Read More

A bird flies past the U.S. Capitol in Washington, D.C., U.S., on Thursday, March 17, 2022. Photo by Al Drago/Pool/ABACAPRESS.COM
A bird flies past the U.S. Capitol in Washington, D.C., U.S., on Thursday, March 17, 2022. Photo by Al Drago/Pool/ABACAPRESS.COM
A bird flies past the U.S. Capitol in Washington, D.C., on Thursday, March 17, 2022. (Pool/ABACA via Reuters Connect)

In recent weeks, a misguided legislative initiative to provide children with better protection online has gained momentum on Capitol Hill. In its current form, the Eliminating Abusive and Rampant Neglect of Interactive Technologies Act of 2022—better known as the EARN IT Act—would strip technology companies of protection from liability for child sexual abuse material (CSAM) uploaded onto their platforms by users. The bill is premised on the idea that technology companies aren’t doing enough to combat the presence of such material and need to face the prospect of greater legal penalties to do so.

The bill is deeply flawed, and a chorus of technologists and researchers argue that the bill not only won’t achieve what it aims to do (protecting children) but will also harm a much larger group of internet users in trying and failing to protect kids from being exploited online. One of EARN IT’s key provisions potentially exposes technology companies to liability if their encryption features are found to enable the spread of CSAM—a move that may lead many companies to conclude that offering encryption to users simply isn’t worth it and doing away with secure messaging tools entirely. Such a move would be disastrous for privacy, human rights, free speech, and communities at risk for surveillance. 

EARN IT’s backers are motivated by a desire to help children, but in their attempt to do so, they’ve misdirected their efforts at computer security systems that enable the spread of CSAM as part of enabling all communications of any kind. Rather than focusing on preventing the production of CSAM in the first place, they are attempting to make changes to the security features of modern computing that allow it to be spread once created. The digitally enabled sexual abuse of children is a serious, horrific problem, but addressing it requires a different, more proactive approach. Instead of attacking security systems, policymakers could direct their efforts in a more useful direction: educating children how to be safe online. Investing in childhood education, primary care, adolescent education in consent, community support for ombuds and social work, and appropriate financial incentives for primary caregivers is difficult and expensive—and it works to prevent child sexual abuse. The EARN-IT Act, flatly, will not.

Read More

Russia President Vladimir Putin and China President of the Xi Jinping hold talks in Beijing, China, on Friday Feb 4, 2022. It is Xi first face-to-face meeting with world leader since 2019.
Russia President Vladimir Putin and China President of the Xi Jinping hold talks in Beijing, China, on Friday Feb 4, 2022. It is Xi first face-to-face meeting with world leader since 2019.
Russia President Vladimir Putin and China President of the Xi Jinping hold talks in Beijing, China, on Friday Feb. 4, 2022. (EYEPRESS via Reuters Connect)

When Chinese leader Xi Jinping met with Russian President Vladimir Putin on the sidelines of the Beijing Winter Olympics last month, the two leaders signaled to the world that their relationship had entered a new era. In a joint statement, the two men spoke of reshaping the international order, and a crucial aspect of this strategy centers on information. In the aftermath of Russia’s invasion of Ukraine, the full scope of their ambitions on this front, taking shape over many years, is coming into view.

The deepening relationship between China and Russia is driven in part by a shared narrative that the United States and the European Union are constraining their interests and that they are using information and technology to exert leverage over their adversaries. Putin and the Chinese Communist Party have cracked down on free expression, independent media, and internet freedoms largely to counter what both perceive as the risk posed to their respective regimes by alternative sources of information reaching domestic audiences—and to legitimize these methods internationally.

Though Russian and Chinese interests diverge in important ways, they are increasingly collaborating on the narratives being supplied to domestic audiences, feeding similar disinformation and propaganda to a citizenry increasingly cut off from the global web. In the aftermath of Russia’s invasion of Ukraine, Beijing has on the one hand avoided fully backing the incursion while on the other amplifying Kremlin propaganda on the issue. This week, for example, China’s foreign ministry repeated false Russian claims about the presence of U.S. biological weapons in Ukraine.

Against the backdrop of last month’s joint statement from Xi and Putin, this collaboration should be seen as part of a broader project to reshape the global information landscape to favor the Kremlin and Beijing’s authoritarian political projects.

Read More

Düsseldorf 26.02.202 Pro Ukraine Demonstration gegen Putin Russland Köbogen Schadowplatz Apple Computers Store Ladengeschäft ukrainische Fahnen Flaggen Düsseldorf Nordrhein-Westfalen Deutschland *** Dusseldorf 26 02 202 pro Ukraine demonstration against Putin Russia Köbogen Schadowplatz Apple Computers Store retail store Ukrainian flags Dusseldorf North Rhine Westphalia GermanyNo Use Switzerland. No Use Germany. No Use Japan. No Use Austria
Düsseldorf 26.02.202 Pro Ukraine Demonstration gegen Putin Russland Köbogen Schadowplatz Apple Computers Store Ladengeschäft ukrainische Fahnen Flaggen Düsseldorf Nordrhein-Westfalen Deutschland *** Dusseldorf 26 02 202 pro Ukraine demonstration against Putin Russia Köbogen Schadowplatz Apple Computers Store retail store Ukrainian flags Dusseldorf North Rhine Westphalia GermanyNo Use Switzerland. No Use Germany. No Use Japan. No Use Austria
Protesters in Düsseldorf, Germany, gather to oppose Russia’s invasion of Ukraine. (Imago Images/Michael Gstettenbauer via Reuters Connect)

Every Thursday, the TechStream newsletter brings you the latest from Brookings TechStream and news and analysis about the world of technology. To sign up and get this newsletter delivered to your inbox, click here.

Russia’s darkening tech landscape

Two weeks into Russia’s invasion of Ukraine, the Russian tech and media ecosystem is being battered from two directions—an unprecedented Western sanctions regime and an increasingly authoritarian Russian state. Technology companies and workers are fleeing Russia, Western media and information is being severely restricted, and Russian access to key technologies is being significantly curtailed. Between the force of sanctions and the Russian government’s moves to consolidate power, we are witnessing a radical restructuring of the Russian economy and Russia’s relationship with the West.  

Read More

FILE PHOTO: Russian rouble banknotes and representations of the cryptocurrency Bitcoin are seen in this illustration taken March 1, 2022. REUTERS/Dado Ruvic/Illustration/File Photo
FILE PHOTO: Russian rouble banknotes and representations of the cryptocurrency Bitcoin are seen in this illustration taken March 1, 2022. REUTERS/Dado Ruvic/Illustration/File Photo
Russian ruble banknotes and representations of the cryptocurrency Bitcoin are seen in this illustration taken March 1, 2022. (REUTERS/Dado Ruvic)

As cryptocurrencies march toward mainstream adoption, a persistent misconception seems to have taken root among policymakers: That cryptocurrencies broadly—and Bitcoin specifically—pose a major threat to sanctions regimes and anti-money laundering efforts because of the anonymity they provide users. In legislation being considered in Washington, such as a recent measure to address El Salvador’s adoption of Bitcoin and another to bolster innovation capacity, policymakers are considering rules that would crack down on digital currencies with the aim of preventing money-laundering. And as the United States rolls out sanctions to counter Russia’s invasion of Ukraine, cryptocurrencies have been cited as a way for the Kremlin to circumvent financial penalties. But the perception of Bitcoin as providing perfect anonymity belies an inaccurate understanding of how the technology works and fails to address the complex dynamics currently at play between cybercriminals, sanctioned entities, and law enforcement agencies.

In early February, the U.S. Department of Justice made a record seizure of cryptocurrency—$4.5 billion—and announced that it had arrested a New York couple for their role laundering funds stolen from a cryptocurrency exchange. “Thanks to the meticulous work of law enforcement, the department once again showed how it can and will follow the money, no matter what form it takes,” the department noted. The arrest of the couple—an eccentric pair that were quickly dubbed the “crypto Bonnie and Clyde”—illustrated the increasing sophistication with which law enforcement in the United States and elsewhere are investigating cybercriminals.

Although Bitcoin and related cryptocurrencies offer some anonymizing features, they are in fact highly traceable. In a series of recent cases, investigators have demonstrated how to use the visible and immutable ledger of decentralized blockchains to trace illegal transactions and sometimes even recover stolen funds. In the cat and mouse game between law enforcement and online criminals, policymakers concerned with money laundering therefore ought to focus less on targeting Bitcoin and similar currencies and instead get ahead of shifting trends—principally, the adoption of privacy-protecting coins and the use of decentralized exchanges—that threaten to make investigations of online crimes and enforcing sanctions more difficult.

Read More

In this photo illustration, Apache Log4j logo of a Java-based logging utility is seen on a smartphone screen. (Photo by Pavlo Gonchar / SOPA Images/Sipa USA)No Use Germany.
In this photo illustration, Apache Log4j logo of a Java-based logging utility is seen on a smartphone screen. (Photo by Pavlo Gonchar / SOPA Images/Sipa USA)No Use Germany.
In this photo illustration, the logo of the Log4j logging utility is seen on a smartphone screen. (Pavlo Gonchar / SOPA Images/Sipa via Reuters Connect)

Earlier this year, major technology companies, non-profits, and government agencies convened for an urgent meeting at the White House to discuss how best to address the security concerns posed by free and open-source software (FOSS)—software that is developed by a distributed community rather than a centralized company. For years, tech companies and security experts have made the case for greater investments in the security of the FOSS ecosystem, as it has become an increasingly important part of critical digital infrastructure. The importance of doing so was highlighted by the recent Log4Shell vulnerability in the log4j FOSS package. Deployed across a vast range of digital applications, log4j exposed a huge amount of software to a devastating security vulnerability and illustrated the urgent need to improve security in open-source software.

FOSS is decentralized and free to use, so when security vulnerabilities are found it is difficult to determine the exact extent of the threat. Perhaps the most vexing part of the problem is that it is difficult to know which FOSS packages are most widely used (and therefore most concerning if a vulnerability is found in a given package). This lack of knowledge about which FOSS packages are deployed—and where—leaves defenders in the dark and makes hard decisions about where to deploy resources even more difficult.

To address this problem, our team at the Laboratory for Innovation Science at Harvard (LISH) has partnered with the Linux Foundation and the Open Source Security Foundation (OpenSSF) to determine which FOSS packages are most widely deployed. Our findings, documented in a report released today, provide a detailed look at which FOSS packages are deployed in production applications and offer a number of lessons for policymakers and developers about how to improve the security of a critical building block of the digital economy.

Read More

Vladimir Putin, Russia's president, speaks during a news conference, seen on a television monitor in the White House briefing room in Washington, U.S., on Monday, Feb. 21, 2022. Photographer: Al Drago/Pool/Sipa USANo Use Germany.
Vladimir Putin, Russia's president, speaks during a news conference, seen on a television monitor in the White House briefing room in Washington, U.S., on Monday, Feb. 21, 2022. Photographer: Al Drago/Pool/Sipa USANo Use Germany.
Russian President Vladimir Putin speaks during a news conference, as seen on a television monitor in the White House briefing room in Washington, U.S., on Monday, Feb. 21, 2022. (Sipa USA via Reuters Connect)

Moscow’s efforts to spread disinformation about the crisis in Ukraine began months ago—and it will only intensify as the conflict does. Across state and social media, the Kremlin is spreading its baseless justification for invading its neighbor: that Ukraine is perpetuating a genocide against Russian speaking people in the country’s east. This propaganda effort has included plans for a fabricated video of Ukrainian soldiers committing acts of violence against civilians and spurious claims that Kyiv’s forces planned an amphibious assault against Russian-backed separatists. All the while, the Kremlin continues to accuse the United States and its partners of spreading “war propaganda” and conducting “information terrorism.

Russia’s propaganda offensive is aimed at building support for the invasion, both at home and in the eyes of the world, and technology companies are taking rapid measures to address the spread of Kremlin narratives on their platforms. Even as Russia has struggled to shape perceptions about the crisis in Ukraine, its state-backed propaganda performed surprisingly well on Google News. The California-based technology company announced on Tuesday that it would ban Russian state-backed outlets from its Google News search tool after Kremlin outlets performed well in searches related to the conflict. 

Over the past week, the Kremlin’s propaganda apparatus consistently returned the top search result for two key terms related to the conflict—“DPR” and “LPR,” abbreviations for the break-away regions in Ukraine’s east, the Donetsk People’s Republic and the Luhansk People’s Republic, respectively. On five of the past seven days, searches for “DPR” and “LPR” on Google News surfaced Russian state media as the top result. On each of the past seven days, for the same searches, Russian state media was among the top two results.

Read More

A U.S. Government-funded competition has seen autonomous robots battling against each other in an underground cave complex. 

The DARPA Subterranean (SubT) Challenge took place at the Louisville Mega Cavern September 21-24, 2021. DARPA – the Defense Advanced Research Projects Agency – is a research and development agency of the U.S. Department of Defense responsible for the development of emerging technologies for use by the military. 

With $5 million in total prize money at stake, competitors were tasked with entering robots that could navigate courses and obstacles. 

Teams in the Systems Competition element of the event developed a wide variety of robotic systems to advance and evaluate novel mapping and navigation solutions for application in realistic field environments, such as human-made tunnels, urban underground settings, and caves. 

The Systems Competition involved physical robots and a Virtual Competition took place in simulated underground worlds. Four of the teams competed in both competitions. 

Teams in the Virtual Competition developed software and algorithms using virtual models of systems, environments, and terrain to compete in simulation-based events, and explore simulated environments. 

CERBERUS won the Systems Competition and Dynamo topped the leaderboard in the Virtual Competition as roboticists and engineers from eleven countries participated in the Final Event. The Systems and Virtual winners won $2 million and $750,000, respectively. 

“In time-sensitive missions, such as active combat operations or disaster response, warfighters and first responders face difficult terrain, unstable structures, degraded environmental conditions, severe communication constraints, and expansive areas of operation,” said Timothy Chung, program manager of the SubT Challenge. “The Challenge has helped to significantly advance technological tools for tackling these impediments and safeguarding lives.” 

Since the SubT Challenge began in 2018, teams
A U.S. government-funded competition has seen Autonomous robots battle against each other in an underground cave complex as part of a U.S. government-funded competition. (DARPA/Cover-Images.com via Reuters Connect)

Silicon Valley’s frustration with the Department of Defense is both well-known and well-founded. All too often, the department provides initial funding to develop a promising technology, only to fail to deliver funding adequate to sustain a scaled capability. This gap between initial and sustained funding is so well-known that it has nickname—the so-called “valley of death”—and it makes the Pentagon an unreliable partner. It has gotten bad enough that when defense and technology officials recently convened for the annual Reagan National Defense Forum in California, investors and technologists made clear that their collective tolerance for the Pentagon’s inability to work effectively with the defense innovation base is nearing the point of no return.

The Defense Department is aware of this criticism and has sought to address it via meaningful reform. In a report from earlier this month on competition in the defense industrial base, the DoD reports that these efforts have achieved creditable success in increasing engagement with small businesses through the use of tools like the “Other Transaction Authority,” the “Small Business Innovation Research,” and the “Small Business Technology Transfer” programs. The 2022 National Defense Authorization Act (NDAA) includes similar reform provisions instructing the DoD to streamline contracting—especially of systems that enable software development and adoption—and to expand engagement with new and underused vendors. It also includes an important provision establishing a committee to review and to make recommendations about how to best revise the Planning, Programming, Budgeting & Execution Process (PPBE), the means through which the Pentagon allocates its resources.

These measures are sensible but should not be expected to solve the DoD’s difficulties acquiring the technology it needs to build a modernized military. Process change can reduce barriers to acquisition, but it will not remove the central impediment: The problem isn’t that the DoD doesn’t know how to buy; it is that it doesn’t know what to buy.

Read More