The TPRC is seeking to select up to 6 TPRC Junior Fellows – early-career researchers engaged in research on the Internet, telecommunication and media policy in the digital age. Please nominate individuals whom you think might make outstanding fellows. Those who have wond student paper awards at the TPRC conference as well as those who served Benton Award winners could be candidates, but we are open to anyone you feel to have the potential to do outstanding research on key issues for the TPRC, and engage other early-career researchers in our activities.
The TPRC Junior Fellows Program was designed in part to award excellence but also tobring new members into the TPRC community. Those appointed will be honoured and serve as ambassadors for TPRC, working pro bono and appointed to two-year terms by the Board. Junior Fellows will be emerging scholars with good connections to their peers, including but not limited to successful TPRC paper presenters and alumni of the Graduate Student Consortium and Benton Award.
TPRC hopes that Junior Fellows will help broaden the TPRC community, and improve the participation of underrepresented groups, such as young academics, certain disciplines not traditionally involved in telecom research who are engaged in new media and digitial policy, and those engaged in new research areas, as well as those who bring greater diversity to our community, including women, minorities, and under-represented groups.
The TPRC Board anticipates that Fellows will disseminate information about TPRC on their personal networks, and identify and engage 1-1 with prospective attendees and encourage them to participate in TPRC. In return, TPRC will recognize Fellows on the TPRC web site, and publicly welcome new appointees during the conference, and provide material and mentoring to support their outreach mission. Of course, the Early Career Fellows will be able to list this service on their resumes. Each Fellow will have a designated Board liaison, who will check in periodically to discuss support needed and progress made. TPRC will aim to support your career.
We’re looking for people that meet as many of the following criteria as possible. None of them are required qualifications; we don’t expect that anyone will check all the boxes.
From under-represented groups, including women and minorities
Working in new research areas and those under-represented at TPRC
Academic talent and promise
Good network of contacts, e.g. active on social media
The fifth annual conference of Oxford’s Global Cyber Security Capacity Centre (GCSCC) was held in late February 2019 at the Oxford University’s Martin School. It engaged over 120 individuals from the capacity building community in one full day of conference sessions, preceded and followed by several days of more specialized meetings.*
The focus of the conference was on taking stock of the last five years of the Centre’s work, and looking ahead to the next five years in what is an incredibly fast moving area of Internet studies. So it was an ideal setting for reflecting on current themes within the cybersecurity and capacity building community. The presentations and discussions at this meeting provided a basis for reflections on major themes of contemporary discussions of cybersecurity and how they come together in ways that reinforce the need for capacity building in this area.
The major themes I took away from the day concerned 1) changing nature of threats and technologies; 2) the large and heterogeneous ecology of actors involved in cybersecurity capacity building; 3) the prominence of cross-national and regional differences; and 4) the range and prevalence of communication issues. These themes gave rise to a general sense of what could be done. Essentially, there was agreement that there was no technical fix to security, and that fear campaigns were ineffective, particularly unless Internet users are provided instructions on how to respond. However, there was also a clear recommendation not to throw up your hands in despair, as ‘cybersecurity capacity building works’ – nations need to see capacity building as a direction for their own strategies and actions.
I’ll try to further develop each of these points, although I cannot hope to give justice to the discussion throughout the day. Voices from Oxford (VOX) has helped capture the day in a short clip that I will soon post. But here, briefly, are my major takeaways from the day.
Changing Threats and Technologies
The threats to cybersecurity are extremely wide ranging across contexts and technologies, and the technologies are constantly and rapidly changing. Contrast the potential threats to national infrastructures from cyberwarfare with the threats to privacy from the Internet of Things, such as a baby with a toy that is online. The number of permutations of contexts and technologies is great.
The Complex Ecology of Actors
There is a huge and diverse set of actors and institutions involved in cybersecurity capacity building. There are: cybersecurity professionals, IT professionals, IT, software, and Internet industries; non-governmental organizations; donors; researchers; managers of governments and organizations; national and regional agencies; and global bodies, such as the World Economic Forum and the Internet Governance Forum. Each has many separate but overlapping roles and areas of focus, and each has a stake in global cybersecurity given the risks posed by malicious actors that can take advantage of global weaknesses.
One theme of our national cybersecurity reviews was that the multitude of actors within one country that were involved with cybersecurity often came together in one room for the very first time to speak with our research team. Cybersecurity simply involves a diverse range of actors at all levels of nations and organizations, and with a diverse array of relationships to the Internet and information and communication technologies, from professional IT teams and cybersecurity response teams to users. Developing a more coherent perspective on this ecology of actors is a key need in this area.
National and Regional Differences
Another clear theme of the day was the differences across the various nations and regions, including the obvious issues of the smaller versus larger nations in the scale of their efforts, but also between the low and high income nations. We heard cases of Somalia juxtaposed with examples from the UK and Iceland. And the range and nature of actors across these nations often differed dramatically, such as in the relevance of different global facilitating organisations, such as the World Bank.
Communication in So Many Words
Given this ecology of actors in a global arena, it might not be surprising that communication emerged as a dominant theme. It arose through many presentations and discussions of the need for awareness, coordination, collaboration (across areas and levels within nations, across countries, regions), as well as the need for prioritizing efforts and instruction and training, both of which work through communication. Of course, the conference itself was an opportunity for communication and networking that seemed to be highly valued.
What Can Be Done? Capacity Building
However, despite these technical, individual, and national differences, requiring intensive efforts to communicate, coordinate, and collaborate nationally, regionally, and globally, there were some common thoughts on what needs to be done. Time and again, speakers stressed the lack of any technical fix – or what one participant referred to as a silver bullet – to fix cybersecurity. And there was a general consensus that awareness campaigns that were basically fear campaigns did not work. Internet users, whether in households or major organizations, need instructions on what to do in order to improve their security. But doing nothing was not an option, and given the conference, it may not be surprising, but there did seem to be a general acceptance that cybersecurity capacity building was a set of instructions on a way forward. Our own research has provided empirical evidence than capacity building works, and is in the interest of every nation.**
Ofcom reports that fewer people are using their mobile phones for making phone calls (Williams 2018). The use of smartphones for calls is declining while their use for texting, emailing, searching and using social media is rising. Clearly, this trend is not unique to the UK, nor is it simply limited to the use if smartphones. But I fear this interesting trend masks a more fundamental shift in communication: Put simply, more people are choosing not to speak with others – by phone or in person.
To illustrate, here is a typical conversation I would have with a former office assistant (OA) in my former university. She was a valued member of our team and went off for an exciting move when her husband was offered a better job. But here was a typical scenario:
Me: Has the approval for our research travel come through?
OA: No. I sent an email two days ago. No word yet.
Me: Could you check, and try to nudge them? We need to move ahead.
OA: OK. I’ll send another email.
Me: Maybe it would be easier if you just picked up the phone? Actually, the office is close – maybe you could pop in a speak to the grant officer.
OA: Its easier to email, and she’ll see it.
I stew for a moment and then walk the few minutes to the grant office, speak with the officer, and get the approval. All the time I am wondering why no one wants to simply pick up the phone or walk down the hall. Perhaps (undoubtedly) it is more efficient for the OA to email, but not for me waiting for approval. Perhaps the OA doesn’t want to disturb or interrupt the grant officer, but my work is effectively stalled. Am I simply being selfish or is my OA simply following a rational path that is not only the easy way but the contemporary way to do things?
Of course, this is a simple anecdote, but it happens so often that I cannot help but wonder how pervasive this style of communication is becoming. When I have shared this view with administrators, they acknowledge this as a growing pattern. And it is not just email, but also so-called enterprise platforms for conducting all sorts of financial, administrative, and personnel matters. Ask about health benefits, and I’m told to check or enroll on our enterprise business system. Of course, these systems are designed to permit fewer administrators to handle more personnel. But ironically, it might also lead to inefficiencies and ineffectiveness, such as sending an email rather than picking up a phone or speaking with the right person.
Maybe I am wrong. Video and voice over IP enables applications like Skype, Google Hangouts, and FaceTime that are permitting more interpersonal conversations to occur among people distributed around the world. And since the 1970s, when people expected electronic telecommunications to enable tradeoffs with travel, research has found that telecommunications tends to reinforce travel as we telecommunicate with those we meet with face-to-face before and after meetings. If we email someone, we are more likely to meet them face-to-face, and vice versa.
But I wonder if we have reached some tipping point where this might well be changing – a point when it is getting increasingly difficult to speak with anyone face-to-face or even on the phone.
Zoe Williams, ‘It’s so funny how we don’t talk any more’, The Guardian, Friday, 3 August 2018: 5.
I have been amazed by the level of consensus, among politicians, the press and the directors of security agencies, over the origins and motivations behind the Russian hacking of the 2016 presidential election. Seldom are security agencies willing to confirm or deny security allegations, much less promote them*, even when cyber security experts vary in their certainty over the exact details. Of course there are many interpretations of what we are seeing, including speaking arguments that this is simply a responsible press, partisan politics, reactions to the President-elect, or a clear demonstration of what has been called, in a study of a thread of Israeli journalism, ‘patriotic’ journalism.* For example, you can hear journalists and politicians not only demonizing WikiLeaks founder Julian Assange, the messenger, but also arguing that those who do not accept the consensus are virtually enemies of the state.
One useful theoretical perspective that might help make sense of this unfolding display of consensus is the concept of the ‘certainty trough’, anchored in Donald MacKensie’s research** on missile systems and those who had different levels of certainty about their performance, such as their accuracy in hitting the targets they are designed to strike. He was trying to explain how the generals, for example, could be so certain of their performance, when those most directly involved in developing the missile systems were less certain of how well they will perform.
The figure applies MacKenzie’s framework to the hacking case. My contention is that you can see aspects of the certainty trough with respect to accounts of Russian hacking of John Podesta’s emails, which led to damaging revelations about the Democratic National Committee (DNC) and the Clinton Foundation during the election, such as in leading to the resignation of Representative Debbie Wasserman Schultz’s DNC post. On the one hand, there are security experts, most directly involved in, and knowledgeable about, these issues, with less certainty than the politicians and journalists about how sophisticated these hacks of an email account were, and whether they can attribute clear intentions to an ecology of multiple actors. At the other extreme, the public is the least knowledgeable about cyber security, and likely to have less certainty over what happened (see Figure). Put simply, it is not the case that the more you know the more certain you are about the facts of the case.
The upshot of this possibility is that the journalists and politicians involved in this issue should not demonize those who are less certain about who did what to whom in this case. The critics of the skeptics might well be sitting in the certainty trough.
A British High Court justice has ‘struck down a ban on sending books to prisoners’, as reported by the NYT: http://www.nytimes.com/2014/12/06/world/europe/british-judge-lifts-restriction-on-books-in-prison.html A number of writers, poets and human rights advocates have been pressing for the right of prisoners to buy books from the ‘outside world’. Apparently the prison service had supported access to books, but only through the prison libraries or purchases through the prison service, as a security measure: to prevent the smuggling of other things into the prison, as we have all seen in popular films and television series. It seems to me that it is arguably worth the time and effort of searching packages sent to prisoners in order to enhance access to books. Surely the value of books in educating and supporting the rehabilitation of those in prison is a long-term payoff that offsets the cost of screening.
About a decade ago, I was introduced to an imaginative plan to enable limited access to the Internet from prison. There are a number of programs that enable limited access to electronic text messaging, for example, but by and large, this is a huge hurdle. Nevertheless, I hope advocates of this development are continuing to pursue schemes that might enable safe access to the Internet, such as for access to education and entertainment that could be as important as the right to read. I would like to hear of initiatives in this area, and wish them well.
Modernizing and Inspiring a “Startup Mentality” in Legacy Information Technology Organizations
Speakers: David A. Bray, Oxford Martin Associate and CIO of the U.S. FCC, Yorick Wilks, and Greg Taylor
19 June 2014 from 4-5 pm
OII Seminar Room, 1 St Giles’, Oxford
By some estimates, 70% of IT organization budgets are spent on maintaining legacy systems. These costs delays needed transitions to newer technologies. Moreover, this cost estimate only captures those legacy processes automated by IT; several paper-based, manual processes exist and result in additional hidden, human-intensive costs that could benefit from modern IT automation.
This interactive discussion will discuss the opportunities and challenges with inspiring a “startup mentality” in legacy information technology organizations. Dr. David Bray, will discuss his own experiences with inspiring a “startup mentality” in legacy IT organizations as well as future directions for legacy organizations confronted with modernization requirements. The discussion will be chaired by OII’s Dr. Greg Taylor, and Yorick Wilks, an OII Research Associate, and Professor of Artificial Intelligence in the Department of Computer Science at the University of Sheffield, will offer his comments and responses to David’s ideas before opening the discussion to participation from the audience.
The 6th ACM Web Science Conference will be held 23-26 June 2014 on the beautiful campus of Indiana University, Bloomington. Web Science continues to focus on the study of information networks, social communities, organizations, applications, and policies that shape and are shaped by the Web.
The WebSci14 program includes 29 paper presentations, 35 posters with lightening talks, a documentary, and keynotes by Dame Wendy Hall (U. of Southampton), JP Rangaswami (Salesforce.com), Laura DeNardis (American University) and Daniel Tunkelang (LinkedIn). Several workshops will be held in conjunction with the conference on topics such as Altmetrics, computational approaches to social modeling, the complex dynamics of the Web, the Web of scientific knowledge, interdisciplinary coups to calamities, Web Science education, Web observatories, and Cybercrime and Cyberwar. Conference attendees will have an opportunity to enjoy the exhibit Places & Spaces: Mapping Science, meant to inspire cross-disciplinary discussion on how to track and communicate human activity and scientific progress on a global scale. Finally, we will award prizes for the most innovative visualizations of Web data. For this data challenge, we are providing four large datasets that will remain publicly available to Web
The World Economic Forum has released a set of complementary reports, including one written by an OII team, entitled ‘The Internet Trust Bubble: Global Values, Beliefs and Practices’, by William H. Dutton, Ginette Law, Gillian Bolsover, and Soumitra Dutta. Our report is a follow up to our earlier WEF study entitled ‘The New Internet World’. Both are based on global Web-based surveys of Internet users, and conducted by the OII in collaboration with the WEF, comScore, and with support from ictQATAR.
Our survey research was conducted in 2012, prior to the Snowden revelations, so what we found to be a potential risk to trust in the Internet can only be greater than what we found pre-Snowden. That said, there is no certainty that the concerns raised over Snowden will reach the general public, or that Internet users will not adapt to risks to personal data and surveillance in order to enjoy the convenience and other benefits of Internet use. There is clearly a need for continuing research on attitudes, beliefs, and practices in related areas of security, privacy, authenticity and trust in the Internet, but also greater efforts to support public awareness campaigns, such as is a current focus of work in our Global Cyber Security Capacity Center at the Oxford Martin School.
We found strong support for the values and attitudes underpinning freedom of expression on the Internet. Users in the emerging nations of the Internet world are in some respects more supportive of freedom of expression online than are users in the nations of the Old Internet World. In fact, in 2012, users from the nations more recently moving online, those who compose the New Internet World, are more likely to support norms underpinning freedom of expression online than do users from nations of the Old Internet World, who were early to adopt the Internet, as well as reporting higher levels of perceived freedom in expressing themselves on the Internet.
However, there is concern worldwide over the privacy of personal information, but this is not evenly distributed. Users in nations that have more recently embraced the Internet appeared somewhat less aware of the risks and more trusting in their use of the Internet. Moreover, many users around the world indicate that they are not taking measures designed to protect their privacy and security online. In addition, there is evidence of large proportions of the online world lacking trust in the authenticity and appropriateness of information on the Internet, often looking towards the government to address problems in ways that could put values of the Internet at risk, such as freedom of expression. At the same time, there is a surprisingly high proportion of users that take governmental monitoring and surveillance of the Internet for granted, even before the disclosures of Edward Snowden and his claims about US and other governmental surveillance initiatives. These are illustrations of a pattern of attitudes and beliefs that might well signal a looming crisis of trust in the freedom, privacy, security and value of the Internet as a global information and communication resource.
Coincidentally, I gave a keynote on the ‘Internet trust bubble’ in Shenzhen, China, at the Huawei Strategy and Technology Workshop today, with the release of this report, 13 May 2014. I am doubtful that our data convinced many in the audience that there was reason for concern, as most discussion was rather optimistic about the future of mobile and the Internet, but I do believe there is international recognition of
After 12 great years at Oxford, I am delighted to be joining MSU as their new Quello Professor. Not sure how my former USC Trojan colleagues will react to me joining the Spartans! The current Director of the Quello Center, Professor Steve Wildman, a recent Chief Economist at the FCC, posted a much appreciated announcement of the appointment. I’ll be joining MSU in August 2014 and look forward to staying in touch with you over this and related blogs in the future. One of my goals will be to put the Internet and Web into the center of a forward strategy for building the Quello Center’s role in the new digital world of communication research, policy and regulation. My work as a co-principal on the Global Cyber Security Capacity Centre will continue at MSU, as will my work on the Fifth Estate, partly through the support of a project on collaboration at the DTU (Danmarks Tekniske Universitet) as well as through support of the Quello Center. At MSU, I will hold the James H. Quello Chair of Media and Information Policy.