Doctoral Fellow Aras Coskuntuncel Defends Dissertation on Information Control Strategies in Turkey

Dr. Coskuntuncel with Lab Faculty Director and Interim Dean of SOC Dr. Laura DeNardis

Dr. Coskuntuncel with Lab Faculty Director and Interim Dean of SOC Dr. Laura DeNardis

By Sarah Palaia | March 19, 2020
  
As the Turkish government and its supporters solidify power and suppress dissent in the country, the ability of protesters and journalists to organize and share information over digital platforms is more important than ever. Watching events unfold, observers view webcasts and read tweets and assume that new digital communication technology keeps information flowing freely. The work of recent PhD graduate Aras Coskuntuncel helps us understand that, in real life, the story is not so simple.  
 
Coskuntuncel’s research challenges the prevailing narrative that digital communication technologies tend to favor free speech and democratic processes, and he offers a new framework for understanding how non-democratic actors use “control points” to censor and limit the flow of information.  
 
Using Turkey as a case study, Coskuntuncel explored the struggle between competing groups to control information during moments of social upheaval. He found that while dissidents and journalists used digital platforms to try to resist censorship, ruling elites were deploying the same technologies to censor and limit the flow of information. Far from undermining traditional structures, new technology may have helped those elites perpetuate their hold on power. 
 
The new PhD graduate also contributes a unique analytical framework for understanding these dynamics. The framework comprises five “information control points” critical to manipulating the flow of information:  

  • Instrumentalizing media through ownership structure 

  • Privatizing censorship and surveillance by taking advantage of the businessmodel of the digital media  

  • Networking surveillance 

  • Employing direct censorship and legal political attacks 

  • Networking information campaigns 

The framework provides a powerful tool for researchers and democracy advocates looking to better understand the mechanisms of control in the digital era. Coskuntuncel hopes it will also help people “envision more democratic alternatives to today’s communication systems.” 
 
Prior to entering the SOC PhD program, Coskuntuncel earned his master’s degree in media studies from the University of Wisconsin-Milwaukee.  While living in Turkey, he worked for the Hurriyet Daily News in Istanbul as the diplomacy and foreign news editor. Those experiences left him well prepared to launch an ambitious PhD project. 
 
Coskuntuncel attributes the success of his dissertation, in part, to the scholarship and mentorship of AU SOC faculty. He says, “Our faculty’s approach, expertise, and their tireless guidance and close attention are what make AU’s PhD in communication second to none.” He points to the many professors who provided assistance and mentorship, including his adviser and dissertation committee chair, Laura DeNardis, Professor Emerita Kathryn Montgomery, PhD Program Director Patricia Aufderheide, Chair of Communication Studies Division Aram Sinnreich, and Professor Ericka Menchen-Trevino

Girls in ICT Day 2020 Goes Virtual

Web-banner_Date.jpg

International Girls in ICT Day is an initiative backed by ITU Member States in Plenipotentiary Resolution 70 (Rev. Busan, 2014) to create a global environment that empowers and encourages girls and young women to consider studies and careers in the growing field of information and communication technologies. Resolution 70 calls for all ITU members to celebrate and commemorate International Girls in ICT Day on the fourth Thursday of April every year.

This year, as we face unprecedented challenges around the COVID-19 pandemic, we will be commemorating Girls in ICT Day virtually, via our website and social media channels (@internetgov on Twitter) with the hashtag #GirlsinICT.

Check out this introductory message from Doreen Bodgan-Martin, Director of the ITU Telecommunication Development Bureau, and an AU alum!

The Rise of Big Tech in India

On September 6 & 7th, 2019, I participated in a Cyber Policy Lab convened by Tandem Research in Goa, India on the Rise of Big Tech in India. The plenary session attempted to lay a broad roadmap for defining and conceptualizing Big Tech in India, focusing on its power and influence across policy circles and the everyday lives of Indian citizens.

The big questions that emerged from the plenary session were: (1) whether Big Tech is even a relevant category for India vis-à-vis the dominance of American and Chinese tech globally and in India, and (2) if India is ready institutionally (in the private and public sectors) to manage its growing digital economy and Big Tech writ large?

There was a recognition that while the use of the adjective "big" is not new, such as past narratives about big pharma, big tobacco, and big business, it carries a negative connotation in relation to tech, as evidenced in narratives ranging from "tech euphoria" to "tech lash." This is also largely driven by the power, scale, and speed of digital tech developments and the negative externalities of pervasive data collection that these systems are premised and rely on. To this point, one speaker noted how iconic US brands like Apple and Facebook began as countercultures that morphed into gigantic global cultural forces themselves. Meanwhile, others pointed out the degree to which Big Tech and the state are not as antagonistic as media narratives would have consumers and citizens believe. Indeed, even in the wake of the Snowden disclosures, American tech companies continue to partner with the Indian government's Digital India initiative, especially in rural India.

The first thematic session was an attempt to map the Indian Internet ecosystem across actors, interests, and influence. Intense debate ensued regarding whether Indian Big Tech is even a relevant category, not simply because of the dominance of US companies like Google, Facebook, Amazon, Microsoft, as well as China’s Alibaba, but more recently because of the influx of foreign equity and tech funding into India's start-up ecosystem from the likes of SoftBank, Tencent, and Google's Next Billion Users Unit. Some workshop participants likened these developments to the spice trade of the 1600s, which brought foreign traders to India and ultimately led to the establishment of British imperialism for 300 years. Similarly, some attendees argued that Indian public policy was historically driven by the top 10% of the urban educated elites who favored more left-leaning policies, but that the new India would have to include the aspirations and demands of a more diverse population who would make up the next billion Internet users and digital consumers. Another important insight focused on the extent to which research in India is led by tech companies as opposed to academic centers. This is partly due to increased funding of academic and civil society events and research from tech companies like Microsoft, Google, Facebook, and TikTok, including digital literacy programs in rural India.

Others opined on the myth that Big Tech and multinational corporations are against privacy. They argued that robust privacy policies are now viewed as a competitive advantage. Frighteningly, many pro-market and nationalist actors feel that for a developing economy like India, domestic entrepreneurial innovation should be stated by the government as a national priority and not be sacrificed to cater to individual privacy and data protection demands. These attendees recommended that technologists "infiltrate" government policy circles and "cultivate" influential actors in the policy space to educate legislators, policymakers, and bureaucrats about digital technologies to achieve more market-friendly policy objectives.

The second session focused on current policy/regulatory interventions and their likely consequences. The session began with a mapping of all the policies in place and in the pipeline including the IT Act of 2000, the proposed Personal Data Protection Bill, the draft e-Commerce Bill, the Reserve Bank's 2018 Notification of Storage of Data Policy, 2000’s draft Intermediary Liability Rules of IT Act,the draft ePharmacy Regulation, 2017’s FDI Policy, 2014’s National Telecom Policy, the Companies Accounting Bill of 2017, and the IRDAI Regulations regarding storage of data. Data localization was a major point of contention between the participants. Surprisingly, pro-market participants favored data localization on the basis of national sovereignty, while pro-rights participants favored the free and open flow of data. The latter group expressed surveillance concerns of an increasingly authoritarian state in India which had low judicial oversight mechanisms in place for personal data requests by government agencies and officials.

The third group discussion was an attempt to reimagine the digital economy beyond current and readily accepted narratives. There was a strong case made by digital rights activists that framing the space in terms of a "digital economy" limits policy debates to discussions of market failures and state interventions rather than expanding the space to include other social and cultural issues and stakeholders. One participant felt that in India three reimaginations of the digital economy have emerged around data localization, community data, and data as a public good — euphemisms that emphasize increased government control over citizens' data and the subsequent transfer of this data to the private sector. This is problematic as many state-market negotiations often lack transparency and accountability in India, which has a notorious reputation for crony capitalism. Another interesting conceptualization focused on the physical material extraction that feeds the digital economy, which is as exploitative of developing countries as the metaphorical extraction of personal data that fed the imaginaries of data colonialism.

Finally, there was a series of breakaway sessions on knowledge creation and policy needs for India. The discussions here focused mostly on the gig economy relating to global platforms like Uber and AirBnB and domestic players like food delivery app Swiggy, grocery aggregators like Big Basket, and personalized home services like Urban Clap. The following questions emerged: what kind of data governance standards needed to be put in place? Are labor standards and regulations up to speed with protecting the interests of these gig workers? Do they require sector-specific regulations? And how would anti-trust regulations safeguard the smaller players?

As is often the case at such fora, the two days of deliberations threw up more questions than answers. But what stayed with me was the active engagement on these issues by Indian actors from across the spectrum and some of the similarities of discussions I heard at US and European conferences. What surprised me was the willingness by some of the participants to sacrifice values of privacy and individual rights at the altar of a narrow concept of national development and sovereignty, a disturbing trend in the context of increasing political and social polarization and divisiveness. In this sense, Yochai Ben­­­kler’s vision of the Internet, in which networks would enable the free flow of information and encourage the democratization of the information economy and the online public sphere has failed. Instead, the political economy of Shoshana Zuboff's surveillance capitalism model of pervasive and exploitative data collection designed to surveil, target, and micro-target information seems to have won the day.

Internet Governance Lab Joins Paris Call for Trust and Security in Cyberspace

The Internet Governance Lab joined over 650 signatories from across States, industry, and civil society on Monday in joining the Paris Call for Trust and Security in Cyberspace, the largest cybersecurity-focused, multi-stakeholder agreement in the world.

Launched by French President Emmanuel Macron at the 2018 UNESCO Internet Governance Forum in Paris, the Paris Call seeks to foster collaboration between States, the private sector, and civil society in protecting users’ rights and security online. In particular, the call outlines nine goals aimed at supporting an “open, secure, stable, accessible and peaceful cyberspace”:

  • Prevent and recover from malicious cyber activities that threaten or cause significant, indiscriminate or systemic harm to individuals and critical infrastructure.

  • Prevent activity that intentionally and substantially damages the general availability or integrity of the public core of the Internet.

  • Strengthen our capacity to prevent malign interference by foreign actors aimed at undermining electoral processes through malicious cyber activities.

  • Prevent ICT-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sector.

  • Develop ways to prevent the proliferation of malicious ICT tools and practices intended to cause harm.

  • Strengthen the security of digital processes, products and services, throughout their lifecycle and supply chain.

  • Support efforts to strengthen and advance cyber hygiene for all actors.

  • Take steps to prevent non-State actors, including the private sector, from hacking-back, for their own purposes or those of other non-State actors.

  • Promote the widespread acceptance and implementation of international norms of responsible behavior as well as confidence-building measures in cyberspace.

In a company blog post, Microsoft President Brad Smith wrote, “Today’s announcements came as part of the Paris Peace Forum, an event commemorating the centennial of the Armistice that brought an end to the First World War,” adding “As was the case a century ago, the nature of technology and warfare is changing. A century ago, governments and human institutions failed to adapt to the changing world. This century, we need to do better. With the help of clear principles, strong protection and a growing multistakeholder coalition, we can build on today’s milestones and continue to provide the world the strong cybersecurity it deserves.”

At DC CyberTalks, cybersecurity leaders call for robust cyber workforce, enhanced collaboration, and secure critical infrastructure

The annual DC Cyberweek, presented by CyberScoop, brought together more than 10,000 attendees to over a hundred community events last week. As one of the main events of the week, CyberScoop hosted CyberTalks, a daylong TED Talk-style conference focusing on cybersecurity featuring a wide range of influential cyber leaders from both government and private sector. Throughout each of the thirteen talks and interviews, the speakers highlighted current issues, priorities, and advancements in cyber today.

Three themes emerged throughout the day: an urgent need for a greater cyber workforce, more efficient collaboration between agencies and the private sector, and the need to build in cybersecurity into critical infrastructure.

For many of the speakers, the most pressing threat to longterm cybersecurity was not a particular foreign adversary but rather the difficulty of staffing the gargantuan cyber workforce necessary to stay ahead of an ever-expanding ocean of threats. Representative Mike Rogers stressed the shortage of workers in the government, where he said there are currently over 3000 cyber jobs vacant. Rogers explained that in the context of the federal workforce, government salaries cannot currently compete with the salaries offered by tech companies. Also addressing the growing cyber job market, Matt Olsen, Chief Trust & Security Advisor for Uber, made a case for greater commitment to cybersecurity expertise, stating that there will be 3.1 million unfilled cyber jobs by 2021. Bill Rowan, VP of Federal Sales at VMware said, “Let’s build our [cyber] workforce, not just at the federal level, but also in industry, at a national level.” Meanwhile, over half the speakers addressed the urgent need for a larger and more expert cyber workforce, with an emphasis on the need to attract young people to the field.

Goldy Kamali, Founder & CEO of Scoop News Group, gives introductory remarks at DC CyberTalks2019.

Goldy Kamali, Founder & CEO of Scoop News Group, gives introductory remarks at DC CyberTalks2019.

In addition to a larger workforce, several speakers discussed ongoing and sustained tactics towards cybersecurity efforts, both from a large-scale perspective as well as from the role of the individual. Suzette Kent, the Federal CIO at the Office of Management and Budget, proposed a shift in the way we thing about cybersecurity, from discrete one-off attacks to a constantly shifting “digital battlefront,” in which skirmishes are fought on a daily basis. Kent claimed, “We will win on this digital battlefront. We’ve proven that we can win.” Matthew Dunlop, VP and CISO at Under Armour, and Toke Vandervoort, SVP Deputy General Counsel at Under Armour, talked about making users into better “cyber citizens.” They stated a need for more effective cybersecurity training programs because 99% of errors are user mistakes. When it comes to practical application of defense strategies against cyberattacks, such as a ransomware attack, Gary Brantley, the CIO of the city of Atlanta, emphasized the theme of “preparing for the inevitable.” That it is not a matter of if, but when, the next cyberattack will occur, making it important to train a “muscle memory for disaster.”

As one way to address the battle against cyberattacks, many speakers underscored the need for better and more efficient collaboration, both within the government—between agencies—and the need for both industry and government to work together. To this end, Chris Krebs, the Director at CISA, discussed the need to pull together broader threat feeds to provide real-time advice. “Context is king,” said Krebs, explaining that information sharing is much more than compromise; rather, information sharing in appropriate contexts can make all the difference when dealing with a cybersecurity threat. This sentiment was echoed by other speakers who called for better methods of information sharing and establishing structures that increase the speed and quality of information sharing. Anne Neuberger, Director of Cybersecurity at the NSA, reiterated that it is essential for information to be shared quickly and in an unclassified way, adding that it is critical to work with the private sector, as “we all have pieces of the puzzle.”

A main concern regarding cyberattacks is not just the speed of the threat, but also the scale. Tonya Ugoretz, Deputy Assistant Director for the Cyber Division at the FBI, showed how sometimes the scope of cyberattacks are hard to comprehend. Ugoretz shared some numbers to try to capture the scale of cybercrime: in terms of business email compromise—which is only one type of common cybercrime—all 50 states and 157 countries have been affected, totaling losses of more than $26 billion globally. Additionally, ransomware attacks to date have cost $7.3 million with attackers targeting hospitals, schools, and first responders—those who can least afford to be offline.

In discussing the role of critical infrastructure in cybersecurity, many speakers stressed the need to directly build in cybersecurity at the infrastructural level, rather than adding it on later as an afterthought. Chris Johnson, Google Cloud’s Global Compliance Product Lead, argued that we are at a pivotal moment, as many companies and organizations are in the process of moving infrastructure. He explained that to achieve better outcomes in cybersecurity, there is a need for better “buildings”—that is to say, cybersecurity needs to be “built in, not bolted on.” Speaking to the importance of data resiliency, Teresa Shea, VP of cyberwarfare and mission innovations at Raytheon, explained that “it’s all about the data,” estimating that by 2025, the collective sum of the world’s data will be 175 zettabytes.

Similarly, Shea lamented the degree to which security struggles to keep pace with innovation, “We’re in a race to get our tech into place before the bad guys,” she explained, indicating that the ability to get the technology in place involves two key components: (1) taking tech into the backend process and (2) fixing current laws and policies, which have not kept pace with the telecommunications world. Here Shea emphasized the importance of “modernizing law and implementing it in dynamic ways.”

Overall, a key takeaway from CyberTalks was a call for greater collaboration between various government agencies as well as coordination with the private sector. Cybersecurity is an ongoing, daily issue and so there is a need for a larger, expert cyber workforce and an attention to engineering cybersecurity into critical infrastructure. As Grant Schneider, Federal CISO and Sr. Director for Cybersecurity Policy on the National Security Council, stated, when it comes to cybersecurity, “everyone has a role to play.”

NTIA Administrator Fiona Alexander Joins Internet Governance Lab as Distinguished Fellow

7AFD4BA8-E483-4218-8175-A49D288FA094.jpeg

The Internet Governance Lab is pleased to announce that Fiona Alexander, a Presidential Rank Award winner for her leadership at the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA), will be joining the Lab as a Distinguished Fellow in Residence for 2019/20. In addition to her fellowship with the Internet Governance Lab, Ms. Alexander will also serve as Distinguished Policy Strategist in Residence in the School of International Service where she will engage with students and conduct research on a number of Internet governance and technology policy topics.

Before joining AU, Ms. Alexander was the Associate Administrator for International Affairs at NTIA where she was the principal official responsible for the analysis, development, and execution of international Internet, cyber, and communications policy within the Executive Branch of the United States government. In 2017 she became NTIA’s sole winner of the Presidential Rank Award for her leadership in the two-decade effort to privatize the Internet’s domain name system (DNS). 

Ms. Alexander is a member of the High-level Advisory Group for the Global Internet & Jurisdiction Policy Network and was appointed by the United Nations Secretary General to the Internet Governance Forum (IGF) Multistakeholder Advisory Group.  She also co-led the Department of Commerce Internet Policy Task Force in its efforts to develop policy, norms and tools for commercial data privacy, online copyright protection, cybersecurity, and the free flow of information.  In her 18 years at NTIA, Ms. Alexander designed and executed a strategy for the successful election of the first woman in the 153 year history of the International Telecommunication Union (ITU) and negotiated principles for Artificial Intelligence at the Organization for Economic Cooperation and Development (OECD).

"When I think of policy and thought leaders who have both shaped ethically and understood well the global practice of internet governance, the first to come to mind is our extraordinary alumna, Fiona Alexander,” explains Internet Governance Lab Co-Director Dr. Nanette Levinson.

A graduate of American University’s International Affairs master’s program, Ms. Alexander began her career as an intern at the U.S. Information Agency (now part of the Department of State) where she worked on statistical analysis related to NATO expansion, among other issues. After two years as a consultant with Booz Allen Hamilton, Ms. Alexander began as a Senior Telecommunications Policy Specialist at NTIA in 2000 where she would go on to serve as a the chief government official tasked with shepherding the privatization of the DNS, a process that would be completed on October 1, 2016 with the formal transition of the DNS functions to the global multistakeholder community. “When the DNS was privatized, that was the end effectively of my internship project at NTIA internship,” explains Alexander of her celebrated tenure at NTIA.

Having successfully steered NTIA through this long and winding transition, Ms. Alexander arrives at AU ready to lend her expertise toward investigating some of the most pressing and consequential questions around the future of Internet governance, including the role of governments and efforts to construct guardrails for an Internet that has morphed in fundamental ways over the past 20 years.