Stanford University

Information Technology

Conventional and Dual Use Technology Export Control Legislation in the European Union and the United States: How Legislative Convergence Is Being Undermined by Administrative and Strategic Divergence

-

Noah Richmond (speaker) is a CISAC Zukerman Fellow and a Stanford Center on International Conflict and Negotiation fellow. His research has focused on the structure and management of the U.S. officer corps, organizing the U.S. military for new domains of warfare including space and cyberspace, and ballistic missile defense. His current research focuses on international, supra-national, and national control regimes for dual-use technologies. Most recently he co-chaired the working group on new domains of warfare for the Beyond Goldwater-Nichols Study conducted at the Center for Strategic and International Studies. Richmond has previously consulted for the Institute for Defense Analyses, RAND, and Strategic Decisions Group. He received his BS in mathematics from the Massachusetts Institute of Technology, an MS in engineering-economic systems and operations research from Stanford, and a PhD in management science and engineering from Stanford. Richmond is currently a law student at Stanford Law School (class of 2008), where his studies focus on intellectual property and international trade.

David Elliott (respondent) was staff director for science and technology at the National Security Council (NCS) and then vice president at SAIC and SRI. At NCS his portfolio included export control matters, which included the international coordination of our policy. During his time at NCS, major emphases emerged on civilian nuclear issues after the Indian nuclear test and on computer technology as its importance became evident. At CISAC he has contributed to work in cyber security and information technology. Elliott received his BS in physics from Stanford University and both his MS and PhD in experimental high energy physics from the California Institute of Technology.

Reuben W. Hills Conference Room

Noah Richmond Speaker
David Elliott Speaker
Seminars

Sensors, Search and Seizure

-

A major component of the strategy to prevent attacks with Weapons of Mass Destruction (WMD) by transnational terrorist groups requires the widespread utilization of chemical, biological and radiological detection systems. Whether or not one can actually deploy these sensors may well depend on the public perception of the sensor's invasion of their privacy and the court's interpretation of the sensors' challenge to the Constitution's search and seizure protections. However, if scientists and engineers designing new sensors take cognizance of the perspective taken by courts in the past, they will stand a much better chance of providing technical solutions that will balance the Fourth Amendment and civil liberties against the modern realities of terrorist threats. This seminar will discuss and solicit ideas on how legal interpretations of the fourth Amendment can be used to help design modern sensor systems.

Don Prosnitz is currently the deputy drector (programs) for nonproliferation, homeland and international security at Lawrence Livermore National Laboratory and is responsible for overseeing all of the directorate's technical programs. He received his BS from Yale University and his PhD in physics from the Massachusetts Institute of Technology. He then spent two years as an assistant professor in the Engineering and Applied Science Department at Yale before joining Lawrence Livermore National Laboratory as an experimental laser physicist. Over the next three decades, he conducted research on lasers, particle accelerators, high-power microwaves, free-electron lasers, and remote sensing, and managed the design, construction, and operation of numerous research facilities. In 1990, he was awarded the U.S. Particle Accelerator Award for Achievement in Accelerator Physics and Technology; in 2002, he was named a Fellow of the American Physical Society. He has served on multiple technical panels, including a Defense Science Board study and various intelligence committees. He is currently a member of the National Academies of Science Board on Chemical Sciences and Technology. In 1996, Prosnitz was briefly detailed to the Department of Energy where he provided technical support to the Office of Nonproliferation and National Security. In 1999, Prosnitz was named the chief science and technology advisor for the Department of Justice (DOJ) by Attorney General Janet Reno. In this newly created position, he was responsible for coordinating technology policy among the DOJ's component agencies and with state and local law enforcement entities on science and technology projects and programs. He served on numerous interagency working groups and federal committees, including the National Science and Technology Council, the Data Management Improvement Act Task Force (immigration systems), and the National Human Research Protections Advisory Committee. He advised the attorney general and DOJ officials and component agencies, such as the FBI, DEA, and former INS (Immigration and Nationalization Service), on such technical matters as weapons of mass destruction, forensics, human subject protection, immunization policy, immigration policy, biometrics, border protection, and information technology. In 2003 he returned to LLNL where he promotes continuing education of the workforce with a special emphasis on the interaction of society and technology.

Reuben W. Hills Conference Room

Dan Prosnitz Deputy Director (Programs), Nonproliferation, Homeland and International Security Speaker Lawrence Livermore National Laboratory
Seminars
Science, Technology and Security Seminars (2009-2010)

Research worth fighting for

Authors
William J. Perry
News Type
Commentary
Date
Paragraphs
"Of the Pentagon's $419.3 billion budget request for next year, only about $10.5 billion--2 percent--will go toward basic research, applied research and advanced technology development," write %people1% and John M. Deutch, former secretary and assistant secretary of defense, respectively, in a New York Times op-ed. This 20 percent reduction will weaken national security in the long run, they warn, adding, "Secretary of Defense Donald Rumsfeld should reconsider this request, and if he does not, Congress should restore the cut."

Of the Pentagon's $419.3 billion budget request for next year, only about $10.5 billion - 2 percent - will go toward basic research, applied research and advanced technology development. This represents a 20 percent reduction from last year, a drastic cutback that threatens the long-term security of the nation. Secretary of Defense Donald Rumsfeld should reconsider this request, and if he does not, Congress should restore the cut.

These research and development activities, known as the "technology base" program, are a vital part of the United States defense program. For good reason: the tech base is America's investment in the future. Over the years, tech base activities have yielded advances in scientific and engineering knowledge that have given United States forces the technological superiority that is responsible in large measure for their current dominance in conventional military power.

Research into basic understanding of methods for reducing radar signatures in the 1970's, for example, gave rise to "stealth" technology. Advances in electronic sensor technology enable the vast collection of information from satellites, and past work on computer systems permits distribution of this information in near real-time to military commanders. The combination of near-real-time intelligence and precision munitions are the heart of the so-called "revolution in military affairs" that avoids large and costly systems and approaches.

These advances require years of sustained effort by university, industry and government researchers. If the Pentagon does not make the required investments today, America will not have dominant military technology tomorrow.

The technology base program has also had a major effect on American industry. Indeed, it is the primary reason that the United States leads the world today in information technology. American companies not only draw heavily on the Pentagon's work, but they have also come to depend on it. The research and development programs of many of America's major information technology companies are almost exclusively devoted to product development.

It was the investment of the Defense Advanced Research Projects Agency in a network known as ARPA-net in the 1960's and 70's, for example, that gave rise to the Internet. The JPEG file format for digital images is based on software and standards developed by the Pentagon. The global positioning satellite system, first developed for precision-guided munitions, is now used in many cellphones and has the potential to revolutionize our air traffic control system. America's ability to translate the Pentagon's technology base into commercial achievement is the envy of the world.

Of course, the administration and Congress need to make tough budget choices. But to shift money away from the technology base to pay for Iraq, other current military operations or research on large, expensive initiatives, is to give priority to the near term at the expense of the future. This is doubtful judgment, especially at a time when the nature of the threat confronting America is changing. New threats, like catastrophic terrorism and the spread of weapons of mass destruction, urgently call for new technology.

There should be no doubt that basic research will continue to make a contribution. Robotics, artificial intelligence, biotechnology, brain and cognitive sciences, nanotechnology, large-scale modeling and simulation: all these fields can have a huge impact. If properly supported, basic technology work is likely to lead to unprecedented results.

Mr. Rumsfeld has long championed the need to transform the military and exploit new technology. He has supported the technology base in the past and has urged the adoption of a more long-term view of security needs. He should, then, be willing to review and reverse the Pentagon's request for reducing its technology base. He should understand that short-term budget requirements for the armed services always tend to push out the technology base program - unless the Pentagon leadership supports it.

Perhaps the reason for this year's reduction is the mistaken belief that a one-year gap in financing does not matter, because innovation takes so long. But tech base advances occur because of stable financing. Fluctuating budgets cause wasted effort.

It is possible that Congress will restore the cuts in technology base programs and correspondingly reduce some other part of the defense budget. But Mr. Rumsfeld should not depend on Congress. It would be vastly better if the Pentagon understood the importance of the tech base effort, and acted on that understanding.

The Department of Defense's technology base programs have been an important factor in giving America the dominant military force in the world. They have also helped many American information technology companies become successful. The Pentagon should maintain its dedication to these programs, and that will require leadership from the secretary of defense - as well as support from Congress.

John Deutch, a professor of chemistry at M.I.T., was deputy secretary of defense from 1994 to 1995. William J. Perry was secretary of defense from 1994 to 1997.

All News button
1

Homeland Security vs. the Madisonian Impulse: State Building and Anti-Statism After September 11

-

Has the Bush administration used the War on Terror to consolidate power in the executive branch? Is the United States in danger of undermining civil liberties and laying the foundation for an American police state? Arguing against conventional wisdom the authors answer these questions with an emphatic No. Drawing on evidence from the USA Patriot Act, the creation of the Department of Homeland Security, the Transportation Security Administration, intelligence reform, and the detention of enemy combatants, the authors argue that what is most striking about US homeland security policy in the wake of 9-11 is just how weak the response of the American state has been. This outcome is contrary to both conventional wisdom and theoretical expectation. The authors argue that this puzzle is best explained by focusing on the institutional structure of US domestic politics.

Jay Stowsky is an adjunct professor at the University of California, Berkeley's School of Information Management and Systems (SIMS) and is the executive drector of UC Berkeley's Services Science Program. Previously, he directed UC Berkeley's program on Information Technology and Homeland Security at the Goldman School of Public Policy and served in the Clinton administration as senior economist for science and technology policy on the staff of the White House Council of Economic Advisers. Stowsky has also served as associate dean at UC Berkeley's Haas School of Business and as director of research policy for the University of California system. He has authored several studies of U.S. technology policy, including "Secrets to Share or Shield: New Dilemmas for Military R&D in the Digital Age," in Research Policy (Vol. 33, No. 2, March 2004) and "The Dual-Use Dilemma," in Issues in Science and Technology (Winter 1996). He is co-author, with Wayne Sandholtz, et al., of The Highest Stakes: The Economic Foundations of the Next Security System (Cambridge Oxford University Press, 1992).

Matthew Kroenig is a PhD candidate in the Department of Political Science at UC Berkeley and a Public Policy and Nuclear Threats Fellow at the Institute of Global Conflict and Cooperation. Kroenig's dissertation research explains the conditions under which states provide sensitive nuclear assistance to nonnuclear weapons states. Previously, he was a research associate with the Information Technology and Homeland Security Project and has also served in government as an intelligence analyst.

Download pdf

Reuben W. Hills Conference Room, East 207, Encina Hall

Matt Kroenig PhD Candidate Speaker Department of Political Science, UC Berkeley
Jay Stowsky Adjunct Professor Speaker School of Information Management and Systems, UC Berkeley
Seminars

Is the Elephant Learning to Dance? The Diffusion of the Internet in the Republic of India

Paragraphs

Published in conjunction with the Georgia Tech Information Security Center (GTISC), Georgia Institute of Technology.

From the Introduction:
"The election of the Bharatiya Janata Party (BJP) in 1997 signaled renewed interest in IT and the Internet. The BJP advocated economic liberalization and listed IT as one of the government's top five priorities, along with more traditional issues such as the provision of potable drinking water and education [10]. "Indian IT has had many small voices, but the BJP is attempting to give IT a national voice" [10]. In May 1998, Prime Minister Vajpayee organized a national IT task force to make recommendations for a comprehensive policy overhaul. The task force's recommendations were instrumental in initiating wide-ranging and fundamental changes in Indian IT policy.

The speed with which the Indian National Task Force on Information Technology and Software Development moved was indicative of the changing government attitude. Within 90 days of its establishment, the Task Force produced an extensive background report on the state of technology in India and an IT Action Plan with 108 recommendations [10,11]. The Task Force could act quickly because it built upon the experience and frustrations of state governments, central government agencies, universities, and the software industry. Much of what it proposed was also consistent with the thinking and recommendations of international bodies like the World Trade Organization (WTO), International Telecommunications Union (ITU), and World Bank. In addition, the Task Force incorporated the experiences of Singapore and other nations, which implemented similar programs. It was less a task of invention than of sparking action on a consensus that had already evolved within the networking community and government.

Prime Minister Vajpayee captured the changing attitude toward technology in India in his claim that "IT is India's Tomorrow" [13]. This assessment offers a vision of a 21st century India substantially different from that of the 20th century. With its high levels of poverty, bloated and corrupt bureaucracies, protectionist policies, and large size, 20th century India was like the Asian elephant, plodding and turning slowly. At the dawn of a new millennium, Vajpayee and a growing number of politicians, bureaucrats, industry leaders, foreign investors, and bright-eyed entrepreneurs are trying to teach this Asian elephant to dance [14]."

Read More

Working Papers
December 2000

Internet in Turkey and Pakistan: A Comparative Analysis, The

Author(s)
  • Seymour E. Goodman,
  • Peter Wolcott
Internet in Turkey and Pakistan: A Comparative Analysis, The
All Publications button
1
Publication Type
Policy Briefs
Publication Date
Journal Publisher
CISAC/GTISC
Authors

International Cooperation to Protect Cyberspace

-

Reuben W. Hills Conference Room, Encina Hall East, 2nd Floor

Seymour E. Goodman Professor of Interational Affairs and Computing Speaker Georgia Institute of Technology
Seminars
Science, Technology and Security Seminars (2009-2010)

Civil Liberties and Security in Cyberspace

Paragraphs

Societies are becoming more dependent on computer networks and therefore more vulnerable to cyber crime and terrorism. Measures to protect information systems are receiving increasing attention as the threat of attack grows and the nature of that threat is better understood. The primary purpose of this article is to determine what legal standards should govern the use of such measures and what nontechnical constraints are likely to be placed, or should be placed, on them. The article demonstrates that policing of computer networks poses a real threat to privacy, protection against self-incrimination and unwarranted searches and seizures, and the right to due process of law. Technological realities and the differences in national values and rules concerning the intrusiveness of law enforcement, protection of citizen's rights, and international cooperation can complicate the observance of these rights and allow misuse of systems set up for preventing, tracking, or punishing cyber crime. Another purpose of this article is to show that while technologies of crime and punishment are undergoing a rapid and profound evolution, the legal and normative principles discussed here will endure, because they are independent of specific technology. As such, they can provide a framework for building a global infrastructure and policy environment that can balance the needs for crime-free business, government, and personal communications, with the protection of property, privacy, and civil liberties. The article concludes that ensuring civil liberties in the course of legal and technological cooperation against cyber attacks is essential.

All Publications button
1
Publication Type
Policy Briefs
Publication Date
Journal Publisher
CISAC
Authors

How Much Is Enough? A Risk-Management Approach to Computer Security

Paragraphs

How much security is enough? No one today can satisfactorily answer this question for computer-related risks. The first generation of computer security risk modelers struggled with issues arising out of their binary view of security, ensnaring them in an endless web of assessment, disagreement, and gridlock. Even as professional risk managers wrest responsibility away from the first-generation technologists, they are still unable to answer the question with sufficient quantitative rigor. Their efforts are handicapped by a reliance on non-quantitative methodologies originally developed to address the deployment and organizational acceptance issues that plagued first-generation tools.

In this report, I argue that these second-generation approaches are only temporary solutions to the computer security risk-management problem and will eventually yield to decision-focused, quantitative, analytic techniques. Using quantitative decision analysis, I propose a candidate modeling approach that explicitly incorporates uncertainty and flexibly allows for varying degrees of modeling detail to address many of the failings of previous modeling paradigms. Because quantitative modeling requires data, I also present a compilation and critique of publicly available computer security data. I highlight the importance of data collection, sharing, and standardization with discussions of measurement, relevance, terminology, competition, and liability. I conclude with a case study example, demonstrating how uncertain data and expert judgments are used in the proposed modeling framework to give meaningful guidance to risk managers and ultimately to answer the question: How much is enough?

All Publications button
1
Publication Type
Working Papers
Publication Date
Journal Publisher
CISAC
Authors

Project on Peace and Cooperation in the Asian-Pacific Region

The Project on Peace and Cooperation in the Asian-Pacific Region has been a cornerstone of research at the Center for International Security and Cooperation for three decades. It supports initiatives on security cooperation and tension reduction in the Asia-Pacific region with special emphasis on China and Korea. Currently, it focuses on Asian nuclear issues and Northeast Asia regional peace issues.

Subscribe to Information Technology