This week at the RSA Conference in San Francisco, many of the presenters explored the intersection between security and privacy and what industry needs to do to create a better environment of trust for individuals. This post captures Intel’s thoughts on where the policy needs to head.The evolution of today’s common global digital infrastructure (GDI) and the Internet at its backbone has been fueled by technology innovation. As the GDI becomes increasingly ingrained in the everyday lives of citizens and the functioning and continuing economic development of governments and businesses everywhere, the lack of capacity of the current policy environment to keep pace with the continued growth and ubiquity of the GDI is becoming increasingly clear. A different type of innovation will be necessary as policymakers grapple with the challenges of shepherding the GDI in the coming decades: policy innovation. Nurturing the GDI demands a unified global digital infrastructure policy (GDIP) based on common components, and one that will require policy cooperation across borders. This in turn requires an innovative approach to policymaking – one that meets 21st century technology needs while allowing for both diversification and harmonization. Indeed, the need to develop policies to make the digital environment reliable and secure is becoming an important agenda item for governments and policymakers around the world as the Internet becomes an indispensable social medium and continues to foster economic growth. However, concurrently a siloed approach to achieving security and privacy or heavy regulatory hand may unintentionally harm an environment dependent upon global interoperability and connectivity. There is a growing recognition amongst policymakers worldwide that the legal and regulatory status quo in the areas of privacy and security is inadequate to provide the trust necessarily underpinning the GDI. So while change seems inevitable due to increasing concerns surrounding cybersecurity, CIP, encryption, and other emerging policy issues , the question is which one of two divergent paths the coming change will follow: (1) Individual countries increasingly and in isolation passing laws endeavoring to ‘regulate’ different aspects of the global digital infrastructure; or (2) Multi-jurisdictional and transborder efforts gaining significant traction, leading to some form of extra- or intergovernmental coordination between and cooperation amongst states in the management of the GDI. The path ultimately taken is likely to have far-reaching consequences for individuals, corporations and governments across the globe. The nature of the GDI requires we choose the latter path; focusing on policy structures and processes that are similarly global in scope and rooted in innovative thinking. The common elements of current and contemplated privacy and security laws and regulations are helpful to inform the nuance of what will be required as GDIP structures take shape. The policy innovation required to enable the continued development of the GDI – and trusted technology innovations in particular – require a policymaking partnership or “triangle of trust.” An important characteristic of this triangle is its three co-equal sides of shared responsibility – government, industry, and NGOs – because no single entity can achieve the goal of building trust in the GDI. At Intel, we recognize that private sector companies must demonstrate not only that they can develop effective trust technologies, but demonstrate accountability in their development of the “Commercial Off The Shelf” (COTS) technologies and the manner by which they process information being processed on and over the GDI. Whether we consider policy or technology-based solutions to the problem of establishing end-to-end trust in the global digital infrastructure, a global digital infrastructure policy should be further developed. The underpinnings of such a sensible GDIP are already in existence today; • The ‘Triangle of Trust,’ (cooperation between 1. Industry, 2. NGOs/Academics, and 3. Government); • Technology neutrality; • Multi-jurisdictional cooperation and global standards; • Flexible laws and regulations; and • Accountability systems. Giving life to these GDIP components in a meaningful and comprehensive way will require, above all else, a commitment by all stakeholders to the triangle of trust concept, executed globally. The current environment presents an unprecedented opportunity for technology policy collaboration not only between governments, corporations, and NGOs, but between the technical and policy communities, as well as between the privacy and security communities. Intel is committed to driving this required bridging effort – by continuing to innovate in the technology sphere, by providing the solutions that will build trust in the GDI, and by stepping forward to innovate in the policy sphere.
Connect with us
- “The Innovators” and Rethinking Privacy
- Rethink Privacy 2.0 and Fair Information Practice Principles: A Common Language for Privacy
- In search of the best way to train future security experts: notes from the 2014 Intel Developers Forum (IDF ’14)
- The FTC, Big Data, and Intel’s Privacy Rethink
- Make The Data Innovation Pledge