#RSAC: The Role of Security Technologists in Public Policy

There is a need for public interest technologists, said Bruce Schneier, fellow and lecturer, Harvard Kennedy School, at RSA Conference 2019. That’s because we have a disconnect – or separate worlds – between technology and humanities. Technology is often developed without considering how these advances could upend society, while on the humanities/policy side, there is a lot of criticism of technology without understanding. Now, with everything we do and almost everything we use being connected to the internet, we need to find a way to bridge those two worlds.

“Today, technology and policy are deeply intertwined,” Schneier said. “Today, technology makes de facto policy that is more influential than any law, and law is trying to catch up with technology. It is no longer sustainable for technology and policy to be in different worlds.”

The role of a public interest technologist is going to be important in all areas of society but especially in security. Our government officials who create policy surrounding internet security and data privacy have no idea how the technology works. Instead, we need people like public interest technologists who are technology practitioners who focus on social justice, the common good and the public interest.

“We need these people to weigh in on public policy debates,” Schneier argued. With advances in technology like 5G, AI, ML, and with everything now connected to the internet, policymakers don’t have a clear understanding of the security risks involved. “Are we using 5G for security or surveillance? What about AI or robotics?” As the definition of internet security continues to broaden, there needs to be informed policy to meet these challenges.

“Technology is not policy or politically neutral,” Schneier added, “but every tool we build for good can do bad in the wrong hands.” We always knew that technology can subvert policy, but what Edward Snowden showed us is that policy can subvert technology. They both have to work together, or it won’t work at all.

What’s Hot on Infosecurity Magazine?