International cyber security policy
Transatlantic Cyber Forum
Cyber security and defense policies increasingly gain importance and momentum worldwide. Issues, such as the regulation of state surveillance, encryption policy and vulnerability exploitation, implications of emerging technologies, cooperation and coordination in the information security realm as well as offensive cyber operations, have implications for the domestic and international spheres alike. Those are global challenges which cannot adequately be addressed from a singular nation-state perspective. It is therefore prudent to learn from each other and develop smart and pragmatic solutions together. The United States as the global technology leader and Germany as a central stakeholder of the European Union with a distinct security and privacy culture and mindset play a major role in providing answers to those challenges.
To further research in the area of international cyber security policies and provide concrete policy recommendations, the Stiftung Neue Verantwortung (SNV) established The Transatlantic Cyber Forum (TCF) in January 2017. TCF is made possible by the financial support of the Robert Bosch Stiftung and the William and Flora Hewlett Foundation.
TCF is an intersectoral network and currently consists of more than 150 experts from civil society, academia and private sector working in various areas of transatlantic cyber security policy. Between 2017 and 2018 the network's focus was on government hacking, vulnerability assessment and management, securing elections and technological innovation for intelligence oversight. The work was conducted by working groups with 30-50 experts each through workshops in Berlin and Washington D.C. and online collaboration.
The current TCF working group "machine learning and information security" analyses the intersection of artificial intelligence and cyber security in the context of national security to provide policy-makers and the executive branch with an overview, discuss implications and offer policy options. The working group currently consists of 35 cyber security experts from the United States, Germany, France and the United Kingdom, including:
- Benedikt Abendroth, Microsoft
- Charles-Pierre Astolfi, Conseil National Du Numérique
- Caroline Baylon, AXA
- Cathleen Berger, Mozilla
- Elisa Brummel, VdTÜV
- Ben Buchanan, Georgetown University
- Daniel Castro, Information Technology and Innovation Foundation
- Betsy Cooper, Aspen Tech Policy Hub
- Thomas "halvarflake" Dullien
- Kara Frederick, Center for a New American Security
- Kenneth Geers, Comodo/ NATO
- Jennifer Granick, American Civil Liberties Union
- Joseph Hall, Center for Democracy and Technology
- Ariel Herbert-Voss, Harvard University
- Wyatt Hoffman, Carnegie Endowment for International Peace
- Michael Hsieh, Tranformative Cyber Innovation Lab
- Sven Jacob, Germany's Federal Office for Information Security
- Frederike Kaltheuner, Privacy International
- Lydia Kostopoulos (as observer), Digital Society Institute
- Thomas Lawson, AXA
- Philippe Lorenz, Stiftung Neue Verantwortung
- Daniel Mossbrucker, Reporters without Borders Germany
- Steven Nyikos, DayBlink Consulting
- Matthias Plappert, OpenAI
- Jörg Pohle, Humboldt Institute for Internet and Society
- Rainer Rehak (as observer), Forum InformatikerInnen für Frieden und gesellschaftliche Verantwortung
- Thomas Reinhold, Institute for Peace Research and Security Policy at the University of Hamburg
- Matthias Schulze, Stiftung Wissenschaft und Politik
- Igor Mikolic-Torreira, RAND
- Sven Weizenegger, SUZA
The following publications have been supported by the Transatlantic Cyber Forum:
- Policy Brief - Governmental Vulnerability Assessment and Management
- Policy Brief - A Framework for Government Hacking in Criminal Investigations
- Policy Brief - Securing Democracy in Cyberspace: An Approach to Protecting Data-Driven Elections
- Impulse - Options for more Effective Intelligence Oversight
- Policy Brief - Cyber Operations: Defending Political IT-Infrastructures
- Policy Brief - Government Hacking: Computer Security vs. Investigative Powers
- Statement - Initial Take-Away: Encryption Policy and "Government Hacking"
In addition to the publications, the TCF project team at SNV provides the expert network with short updates (called "policy debates") which identify and discuss German cyber security policy developments.
The TCF project team regularly engages in events and presentations including the Congressional Cybersecurity Caucus, the European Parliament and the German Bundestag and is cited in national and international media including leading German media outlets as well as for example the New York Times and the Washington Post.