Regulatory Failures in the Security Space: Some Current Cases

Roger Clarke is an independent consultant in the strategic and policy implications of advanced information technologies, with a particular focus on eBusiness, information infrastructure, and dataveillance and privacy. He is a Visiting Professor in Computer Science at the Australian National University (ANU), and a Visiting Professor in Law at the University of New South Wales (UNSW). He has also held Visiting Professorships at the University of Hong Kong (2002-07), the University of Bern, and the University of Linz.

The abstract notion of 'security' is subject to many different interpretations. These depend in particular on which stakeholder is concerned about harm to which values associated with which assets. As the aphorism has it: 'a Conservative is a Liberal whose kid's bike has just been stolen'. These issues are relevant in information technology contexts in general, and Internet / 'cybersecurity' contexts in particular.

The spectrum of regulatory forms is reviewed, noting the steady drift from 'government' to mere 'governance'. A series of test-cases is then considered, in order to gain some insights into the effectiveness of contemporary approaches to security regulation. The cases include PIAs for national security initiatives, natural and imposed controls over big data analytics, and the current challenges of the 'Internet of Things', remotely-piloted drones, and autonomous cars. Finally, the notion of a 'data protection impact assessment' (DPIA) that is embedded in the European Commission's GDPR is compared with a normative model of what a PIA should look like.

The test-cases suggest that the public is confronted by a wide array of regulatory failures. These may be attributed variously to failure by executive and legislative branches to apply evaluation standards to initiatives (particularly where the 'national security' mantra is invoked), to their excessive desire to stimulate business activity, and to the exercise of power by corporations over governments.

