Shaping Our Technological Future

COMMENTARY Cybersecurity

Shaping Our Technological Future

Sep 23rd, 2020 4 min read
COMMENTARY BY
Klon Kitchen

Director, Center for Technology Policy

Klon is Director of The Heritage Foundation's Center for Technology Policy.
While the federal government has taken excellent steps to address tech and cyber threats to national security, more needs to be done to develop our long-term national strategy. Oliver Nicolaas Ponder / EyeEm / Getty Images

Key Takeaways

Over the past four years, the government has been most responsive to national security concerns.

A slew of laws, regulations, requirements, and guidance documents have all been aimed at improving the nation’s technological defenses and strategic standing.

There are a several initiatives that the next administration can undertake to improve our national debate on technology policy.

This article is an excerpt from the “2020 Mandate for Leadership: A Clear Vision for the Next Administration.” It looks back at policy decisions made by the Trump administration over the past four years. You can purchase your copy of “Mandate 2020” here.

Over the past four years, the government has been most responsive to national security concerns. A slew of laws, regulations, requirements, and guidance documents have all been aimed at improving the nation’s technological defenses and strategic standing.

The 2020 National Defense Authorization Act, for example:

  • Creates a Senate-confirmed principal information operations adviser “to act as the principal adviser to the secretary of Defense on all aspects of information operations.”
  • Requires quarterly assessments of the readiness of cyber mission forces.
  • Imposes specific cybersecurity requirements on the Department of Defense’s chief information officer for improving enterprise-wide systems.
  • Requires the secretary of defense to notify the House and Senate Armed Services Committees of delegated cyber operations authorities.
  • Requires the secretary of defense to provide annual reports on cyber operations, “including cyber effects, operations, cyber effects enabling operations, and cyber operations conducted as defensive operations.”
  • Requires the Department of Defense chief information officer to prepare annual reports on attacks on the department and department contractor systems by Russia, China, Iran, and North Korea.
  • Authorizes the National Security Agency to “assist the Department of Defense in its evaluation and adoption of cybersecurity products and services from industry, especially the commercial cybersecurity sector.”
  • Requires the secretary of defense to “develop a consistent, comprehensive framework to enhance cybersecurity for the United States defense industrial base.”
  • Requires a Defense Science Board study on future Department of Defense cyber warfighting capabilities.
  • Creates principal cyber advisers for each military department.
  • Creates consortia of universities to advise the secretary of defense on cyber issues.
  • Requires assessments of Department of Defense cyber red team capabilities.

Beyond these tactical and operational improvements, the federal government is formulating the nation’s long-term strategic posture on cybersecurity and emerging technological challenges to national security.

In 2018, two separate commissions were formed, the Cyberspace Solarium Commission and the National Security Commission on Artificial Intelligence. Each is comprised of experts from government, academia, civil society, and industry.

The Cyberspace Solarium Commission is modeled after President Dwight Eisenhower’s Solarium Commission, which developed policy proposals for addressing the rising challenge of the Soviet Union, and is tasked with generating proposals for the United States’ “grand strategy” for cyberspace.

The National Security Commission on Artificial Intelligence is tasked with “consider[ing] the methods and means necessary to advance the development of artificial intelligence, machine learning, and associated technologies by the United States to comprehensively address the national security and defense needs of the United States.”

Addressing privacy concerns is proving to be more difficult and may ultimately be beyond the capacity of government to address effectively. At the time Mandate for Leadership was being prepared, 11 states had enacted their own privacy and data protection laws, each with its own priorities, requirements, and penalties.

While a number of federal proposals have been offered in Congress, none has gained traction because significant disparities between the various stakeholders have long prevented such legislation. There are two key disagreements.

First, lawmakers differ about whether consumers should have the individual right to sue companies that violate any new privacy law. Privacy advocates maintain that this ability would empower consumers with meaningful recourse and incentivize corporate compliance.

Other observers, however, are skeptical and worry that such a provision would saddle technology companies with unending lawsuits that could stifle innovation and slow economic growth.

Second, lawmakers also disagree about the advisability of further empowering government agencies like the Federal Trade Commission and how such actions would preempt state law.

Neither of these disagreements appears likely to be resolved any time soon.

Finally, regarding concerns about online bias and freedom of speech, a number of legislative actions have been proposed, but all have failed to become law. The Achilles heel of almost all of these proposals is the damage that could be done to fundamental freedom of speech and private property rights.

Under our Constitution, American companies—like American citizens—enjoy freedom of speech privileges and the right to operate their businesses according to their own consciences within the confines of the law. These bedrock ideas enable the nation to innovate and thrive.

Even more, there is good reason to suspect that government intrusions into these freedoms would not be limited to “Big Tech.” Other industries, civil society groups, and even private citizens could find their speech and property rights amended in the name of “fairness.”

This risk, coupled with innumerable technical challenges, has been a decisive check on efforts to curb perceived bias online.

Despite these challenges, there are a several initiatives that the next administration can undertake to improve our national debate on technology policy.

This piece originally appeared in The Daily Signal