Technology, Security & The Geopolitics of the Firm

States have a strategic interest in adopting emerging technologies. This is especially true of digital technologies as battlefields become more ambiguously defined across civilian infrastructure and awash in data. This adoption relies on an often-contested relationship with technology firms, including some of the largest corporations assembled since the French Revolution. The nature of this contest, and the choice of strategies by states, and firms, to compete more effectively, has significant implications for the design and adoption of digital technologies, the political power of non-state groups, and the security of the United States and its allies.  

This collection of applied research projects works to understand the mechanics of contestation between firms and the state, the strategies states use to influence the security of digital technologies, how the adoption of different kinds of technologies by states influences public-private political dynamics, and the diffusion of offensive digital technologies developed or employed by non-state groups. This work takes an explicitly interdisciplinary approach and works to translate findings into practical recommendations for different policymaking communities.  

KEY AREAS OF FOCUS

  • THE INDUSTRIAL POLITICS OF COMPUTING

    How ‘openness’ in digital computing intersects with user’s security, the market for cloud services, and anti-trust policies.

  • SPYWARE PROLIFERATION

    How the development, sale, and support of software used for digital espionage affects human rights and international security

  • TRANSNATIONAL REGULATION & SECURE BY DESIGN

    Multiple governments are working to induce technology companies to develop more secure digital technologies but these efforts pose challenging questions of vertical regulation within borders and horizonal regulation across them. Is there an international future for “secure by design”?   

  • NON-STATE, MARKET-DRIVEN, SECURITY GOVERNANCE

    Description goes What role can entities like insurance firms play in governing the security outcomes of organizations? Where are there opportunities to reinforce or even replace public sector authority with private sector institutions, without reverting to ‘voluntary’ mechanisms?  here

RECENT PUBLICATIONS

Publications
Mythical Beasts and Where to Find Them
Mythical Beasts and Where to Find Them

Despite its contribution to human rights harms and national security risks, the proliferation of spyware remains rife. A significant channel for this proliferation is sale through a global market, of which most public information is known about only a handful of vendors. While some of these entities have achieved infamy, like NSO Group and the Intellexa Consortium, most others have largely flown under the radar.

The Mythical Beasts project addresses this meaningful gap in contemporary public analysis on spyware proliferation, pulling back the curtain on the connections between 435 entities across forty-two countries in the global spyware market. These vendors exist in a web of relationships with investors, holding companies, partners, and individuals often domiciled in different jurisdictions.

Read More →
Markets Matter - A Glance into the Spyware Industry
Markets Matter - A Glance into the Spyware Industry

The Intellexa Consortium, a complex web of holding companies and vendors for spyware and related services, have been the subject of recent, extensive sanctions by the US Department of the Treasury and the focus of reporting by the European Investigative Collaborations among others. The Consortium represents a compelling example of spyware vendors in the context of the market in which they operate—one which helps facilitate the commercial sale of software driving both human rights and national security risk. This paper addresses an international policy effort among US partners and allies, led by the French and British governments, as well as a surge of US policy attention to address the proliferation of this spyware.

Read More →