The world is currently witnessing an unprecedented level of security challenges. Western governments are faced with an erosion of the rules-based global order and aggressive, would-be deniable physical acts such as Russia’s hostile actions. Countries with opposing ideologies have always, in one way or another, presented challenges for the West; the origins of Vladimir Putin’s Russia, ideologically pursuing previous Soviet glory, show how traditional state threats might fluctuate in severity but ultimately remain constant. What is new, however, is the ability of states to now utilize sophisticated technologies, in combination with traditional military and intelligence structures, to launch sustained, largely deniable and potentially highly consequential ‘attacks’ on nations and institutions considered to be a threat.
While it is widely acknowledged that the Russian government launched a long-term series of significant hostile actions against the 2016 U.S. elections to promote the interests of their preferred candidate, the remote manner in which this campaign was carried out has permitted Putin’s government to maintain, albeit increasingly implausible, a flat denial of affecting the democratic process to determine the outcome. The significance of the threat cannot be underestimated and it is now time for widespread recognition of the need to bring together the jewels in the crown of the Western world – well-resourced, democratically elected institutions and world-leading enterprises – to counter the increasingly common trends of hybrid warfare that threaten the global democratic order.
The news is, however, not all bad: With the rapid evolution of the challenge comes the potential to harness technology to counteract the deterioration of the security of the digital age, including the regularly exploited ‘plausible deniability’ model of attack that is so widespread. However, society must now decide whether we chastise or embrace technology, much of it a product of large, Western companies, to counter emerging threats. Fundamentally, we must decide whether we collaborate and work with pioneering, cutting-edge technologies for the greater collective good, or continue to use technological giants as a politically convenient scapegoat. Technological innovation, the promotion of society’s ideals and political priorities to reduce extremism and crime can go hand in hand with the implementation of progressive policy initiatives. Former President Barack Obama, speaking in May 2018, highlighted the need for a closer relationship between technology companies and the U.S. government, stating that “it is in the interest of all of us for there to be a good conversation between the tech community and the people in Washington,” and this applies equally to other Western democracies. Pitting ourselves against innovation is a fundamentally counterproductive step. Instead, the power and potential of the modern age should be embraced by the security community, including through working with large and pioneering private-sector institutions, to reform and improve those systems that are longstanding parts of our infrastructure and society but are not fit for purpose in the digital age. Hostile states should not be allowed to harness unopposed the full potential of technology to damage western democracy while governments are ignoring the good that can come from the same source, opting instead for the easy option of punishing those institutions best placed to reverse the tide of technology-based hybrid warfare.
Working with technology companies to counteract the proliferation of extremist material is a key and mutually beneficial goal; however, it is not the only way in which this relationship can deliver real-world results in countering modern threats. Large technology companies, particularly those prominent in hosting social media platforms, retain significant levels of personal data, given with permission by the owners of that data under regulations such as the recent General Data Protection Regulation (GDPR) in the European Union and domestic interpretations of this act like the UK’s updated Data Protection Act. If consumers are happy for companies to use this data, should they not also be comfortable for the same data to be used by the same firms, working in conjunction with elected governments, to fight the proliferation of extremism, organized crime and other criminal enterprises whose activities are principally conducted online?
Working together from the outset is beneficial to governments in accessing the data they need to combat these threats, which spread so rapidly via internet communications platforms, and therefore increase the safety of society. For businesses, apart from the clear social-responsibility benefit of positively contributing to collective security, a proactive attitude in cooperation also aids in reducing the need for potentially restrictive regulation, which is regularly introduced following a significantly damaging event, be that in the street or affecting the market. Western governments have been relatively reluctant to overregulate in the technology sector; however, public opinion and political pressure over the sight of highly lucrative companies playing host to anti-Western propaganda continually heightens the chances that, without a concrete strategy in place, increased regulation will be a significant factor in operating in this space moving forward.
It is now time for industry to repay the faith shown by those democratic governments that have resisted the urge to score short-term political points by introducing headline-grabbing regulations which, in the long term, damage innovation and growth. The ability to pre-empt regulation – it can often be both time-consuming and expensive for businesses to ensure compliance – depends upon a fundamental understanding of governments’ goals and the introduction of steps and principles by a particular company to align with those goals. The efforts of businesses to deliver upon societal and governmental objectives also brings the added bonus of fostering trust between industry and regulatory bodies, allowing for a less confrontational environment and a ‘win-win’ benefit to both the private and public sectors.
The building of positive relationships should not be limited solely to Silicon Valley-born tech giants, who already have the ability to influence at a global level. Rather, governments should also ensure that they work with new, developing companies in the technology sphere to promote a mutually beneficial relationship in which both the entrepreneur or fledgling company understands the requirements of government and, in turn, the company benefits from government support to grow. This extends beyond simply financial investment, which is substantial – in the 2016 fiscal year, America’s “total federal funding for research and development programs was $140.5 billion, with nearly three-quarters of this funding going to private industry, universities, and federally funded research and development centres operated by private contractors.” On top of this significant financial injection, it should be recognized that the next step takes public-private cooperation on innovation beyond funding and into genuine collaboration on long-term strategy. Stakeholders in security challenges, which largely manifest themselves through digital platforms, exist across institutions including government, industry and academia; it therefore follows that in order to develop the most suitable solutions, as well as allowing the growth of innovative start-up companies, there must be continual dialogue between these stakeholders in addition to the mutual understanding of the objectives.
As such, formal strategies should recognize the need for sustained and long-term relationships with innovative, modern companies to be improved to counter anonymous, nefarious abuse of technology platforms – including how interaction between governments and private corporations can increase understanding of how regulatory and technological powers can work together effectively to achieve common goals. It is now clear that a huge volume of extremist material, potentially leading to bedroom radicalization of vulnerable individuals thousands of miles from the source of footage promoting this extremism, as well as damaging disinformation campaigns, is hosted and run on global online platforms. It is a mistake to assume that those who work in such companies are oblivious or ambivalent about the misuse of their products and systems; however, it is only natural for one to defend one’s organization if unfairly vilified.
Writing in the Financial Times in June 2017, a senior vice president and general counsel of Google, recognizing the key role that platforms such as Google and YouTube play in potentially propagating such material, outlined a number of steps in which their organization would work with government, law enforcement and civil society groups to tackle the purge of violent extremism online, remarking that “we are committed to playing our part.” The willingness to collaborate therefore clearly exists within technology companies of all sizes; the key step is now turning good will into a concrete strategy to deliver results that will, ultimately, save the lives of citizens on a global scale. Governments should be willing and, moreover, regard it as their duty to assist these entrepreneurs and organizations with legal and regulatory progression, rather than opening a competing offensive front through punishment which, while possibly winning short-term political battles, only serves to assist hostile forces, whether nation-states or extremist groups, who are not bound by the same rules.
The views expressed here are the writer’s and are not necessarily endorsed by Homeland Security Today, which welcomes a broad range of viewpoints in support of securing our homeland. To submit a piece for consideration, email HSTodayMag@gtscoalition.com. Our editorial guidelines can be found here.