Digital Technologies Policy Laboratory’s Panel at Data for Policy Conference
By fejalesniewska, on 2 August 2019
By Feja Lesniewska and DTPL Team
Topics covered in their talks included: the governance of the Internet of Things, trust and human control over data sharing in complex digital ecosystems, the design of cybersecurity policy, and the challenges to cybersecurity best practice in critical infrastructure. Numerous high-quality presentations representing a diverse range of international organisations and subject matter were delivered during the two-day event. The conference is a premier global forum for interdisciplinary and cross-sector discussions around the impact and potential of the digital revolution in the government sector. It is supported by a large number of key stakeholders, including prestigious academic institutions, government departments, international agencies, non-profit institutions, and businesses.
Dr Irina Brass chaired the panel and introduced the presentations by four DTPL Research Fellows: three from the PETRAS IoT Research Hub and one from the ’Evaluating Cyber Security Evidence for Policy Advice’ (ECSEPA) project. The session, titled: ‘Bridging the sociotechnical divide from a policy perspective: Knowledge sharing in cybersecurity and data management in digital technologies’, examined how public and private sectors can be better equipped for the 21st century in light of new challenges that digital technologies present. Areas covered by the presenters in the session included cybersecurity capacity building and knowledge sharing; improving models and simulators to enhance cybersecurity of industrial critical infrastructure; exercising personal data rights; and designing innovative governance solutions internationally to address global IoT security issues. The presentations, as detailed below, led to a stimulating Q&A session with the audience.
Dr Alex Chung (ECSEPA) delivered a presentation based on a joint-authored paper with Professor Madeline Carr (PI), Professor Siraj Shaikh (Co-I), Atif Hussain and Sneha Dawda titled: ‘Cyber capacity building and knowledge sharing: The UK policy community’s perception of the National Cyber Security Centre (NCSC).’ Informed by data collected through the EPSRC-funded ECSEPA study, the talk explored UK policymakers’ views on the relevance of NCSC provisions to their work and their engagement experiences with the NCSC. The presentation also touched upon areas of intervention suggested by the policy community which could help strengthen expertise sharing practices.
Dr Uchenna D Ani provided a technical assessment of initiatives to improve the security of critical infrastructure networks that include Internet of Things components. This is based on his paper titled: ‘How policy and regulations can improve Critical Infrastructure Modelling and Simulations’ co-authored with Professor Jeremy Watson. The paper presented some of the research findings from the PETRAS project ‘Analytical Lenses for the Internet of Things Threats (ALIoTT)’. These included data collected from a survey and engagement with stakeholders that showed how research and academic institutions were championing more solution tools that were readily available for critical infrastructure protection modelling/simulations than industry or government agencies.
Dr Kruakae Pothong’s co-authored paper titled: ‘Exercising data subjects’ rights under the General Data Protection Regulation (GDPR) in the Internet of Things (IoT)’ provided a more personal focus by examining the personal, social and environmental factors that shape individuals’ relative capacity to exercise control over their personal data. The research demonstrates, using Amartya Sen’s Capability Approach, that individuals currently do not have the knowledge and skillsets that are compatible with the complexity of IoT. As a result, the potential increase in GDPR efficacy with regards to privacy, security and data protection in an IoT environment is significantly limited.
Dr Feja Lesniewska took the focus to the international level. She presented a co-authored paper, titled: ‘Internet of Things, Security and Governing Wicked Problems: Learning from the Paris Agreement on Climate Change’. The paper explores how multilateral and multi-stakeholder forums are proposing to cope with multiple data management challenges that the IoT pose to international security. The paper presents research conducted for the PETRAS National and International Protection of Critical Infrastructure Project (NIPC) that illustrated the disconnect between innovative policy being proposed amongst many non-state and selected governments, and that of the international multilateral processes. The paper proposes that the Paris Agreement on climate change can provide inspiration for a different approach to addressing wicked problems like the IoT which are polycentric and agile.
The DTPL is led by Professor Madeline Carr. Apart from undertaking cutting edge research, Professor Carr and Dr Brass also lead the teaching for the Digital Technologies and Policy (DTP) stream of UCL STEaPP’s MPA programme.