Lucius Fox, The Dark Knight, The Panopticon Penitentiary and The Democratic Geneva Convention. Same Same but not all that different.

Fact: Your body sheds 50 million skin cells every day in homeostatic conditions.

Fact: An American adult will spend up to 11 hours per day engaging in watching, reading, listening or simply interacting with media on a daily basis.

Our dermis carries in it our DNA telling a story of our epigenetic environment.

Similarly, the data we generate through engagement with IoT devices carries with it characteristics, patterns, behaviours about our age, income, interests, gender, and ethnicity.

Unlike that of our dermis however our data is being watched through service providers such as Apple, Netflix, Youtube, Google, Facebook, Amazon and Microsoft. These companies are embedded into how we live, work and play day to day.

These organisations don’t just have a fly on the wall. Insight into our lives but rather a big brother(BB) sitting next to you at the dining table. This BB has a clear insight into exactly what you think and preference as to the brand, flavour and preference of Triple Brie President cheese,  Lindt Dark Chocolate and Rabbit Ranch pinot red wine you enjoy with your 9-grain crackers at entree, only to have a full stomach prior to dinner.

Insert Jeremy Bentham.

Jeremy Bentham (a social  reformer, social critic and jurist) was the institutor of the panopticon penitentiary (PP). A PP is an institution where inmates are being observed by a single guard without the inmates being able to tell whether or not they are being watched. The inmates are however aware that there is a central node of the authority overseeing their movements and actions in a self-regulating manner.

(A somewhat distilled pop culture reference is the Dark Knight Rises, when Lucius Fox is in control of the high-frequency generator.)https://www.youtube.com/watch?v=p6cv0KsTTfY

Foucault further advanced this idea whereupon the PP was a means to establish discipline and further subjugation to control of citizens.

This single guard in the PP is emblematic of these large technology companies who are watching and recording our movements through increased connectivity via IoT devices. Remember, our degree of connectivity is almost ubiquitous through our iphones, Amazon Elixir, Uber and Google Maps.

It is also timely to think of the relationship we have with these devices given that they are more aware of our inner thoughts, subconscious and behaviours, than our most trusted interpersonal relationships of our parents, friends and relatives.

I would ask-are we unaware of the way our behaviours are being normalised/self-corrected?

In a  PP the inmates are self-aware of being watched.

Your phone, however, feels invisible: there is no sense of fear that you have for it, or a watchful or judgmental gaze that you fear or feel vulnerable toward every-time you enter a Web address. It is just you and Pandora’s box of the world wide web.

As an extension of this thought, it is timely to think about the almost self-appointed authority that rectangular search bars the Internet.

While perhaps a void that priests and doctors would formerly fill as self-appointed authorities in previous centuries (and accordingly distill from subjectivity and objectivity to then normalize behaviour) the Internet and the services it provides are a new form of surveillance, normalization and examination at the discretion of powerful IT/IoT aforementioned providers.  

Our data and the complex journey through servers and timestamps they imprint, leaving a paper trail that can be exploited not simply for commercial gain.

You and your aggregate metadata are targets not just for commercial companies but increasingly state and nonstate actors in diplomatically offensive capabilities.

Increasingly state and non-state actors can interfere with the building blocks of any society given the role that technology plays into the rich tapestry of how our society is structured, namely our democratic institutions of government and free-media.  This interference comes in the form of misinformation in mass communication or corruption in the democratic voting processes.

More economic, social and political damage can be done by systematically shutting down closed circuit electricity and communication grids in urban settings than intimidation and strategic fly-overalls over contested geography.

The internet is the new battlefield given the limitations of projecting traditional means of power as the cost of armed warfare and the cost of life becomes a decision that no political leader wants to make defending ideals that history often does not look back favourably upon.  

Accordingly, the foremost policy agenda of the 21st century of state and non-state actors similar to that of the non-proliferation of Nuclear Weapons and the Chemical Weapons Convention is the Digital Geneva Convention (DGC). While many multi and bilateral agreements have emerged in the diplomatic cyber space in the USA-China, US-India, Australian-China and Sino-Russian space, many of these are written to preserve diplomatic relations ‘in agreement’ rather than a strict set of binding referential norms in the advent that war should be the necessary course of action.

A timely call to action by Microsoft’s Brad Smith of the need of the DGC is necessary given the emergent issue of cyber crime that requires legally binding participation of state and non-state actors. At present whilst many countries attest to having offensive cyber capabilities at this point in time attaching state authorities in name to these attacks is intangible and clandestine.  Technology such as blockchain that ensure transparency, immutability and efficiency in digital information flows is timely. (Pre-eminent US diplomat Anja Manuel spoke of the need for a U.S. foreign policy direction strategy on blockchains that into the future will play an increasingly larger role at the intersection of foreign policy and technology.)

The DGC provides a necessary set of  binding moral values, ideals and beliefs emblazoned in the convention seeking to promote a commitment toward non-proliferation protecting civilians in the global Internet landscape, creating a binding benevolent obligation to ‘do no harm’. Our own personal social, economic and political well-being is increasingly dependent upon the cyber society that is and has emerged to date. This is critical in order to preserve the democratic values that are instantiated socio-culturally to cyber-space and govern the emergent oligarch that technology companies obey.

So what does the convention actually articulate?

In a nutshell, the DGC articulates that state and non-state actors should not attack digital systems that would compromise:

1. The security and safety of citizens such as in hospitals and electric companies
2. The structural integrity of financial systems that would lead to a major economic crisis
3. The private accounts of free-press and media
4. The information to steal the intellectual property of companies
5. The control of weapons systems  used for intelligence, war and law enforcement
6. The engagement in cyber warfare engagement that in any way may directly comprise the lives of citizens
7. The hacking of digital  infrastructure systems in crisis settings. (The UNHCR further attests the need for the definition of human rights and humanitarian protections in the digital age.)

   A) Cyber attacks directly compromise civilian human rights protections. To what end do the rights of humans extend in the new digital battlefield.

   B) At present, there is no universal standard on the regulation of information technology communications in humanitarian contexts. 

   C) Greater focus needs to be refined upon the benevolent principles of neutrality, impartiality, independence and humanity

Key statements from the accord include:

“The companies will not help governments launch cyber-attacks against innocent citizens and enterprises, and will protect against tampering or exploitation of their products and services through every stage of technology development, design and distribution.”

And:

“A digital Geneva convention that will commit governments to protecting civilians from nation-state attacks in times of peace.”

At this point in time, the signatories to the DGC are Facebook, Microsoft, Arm, and Trend Micro organisations operating out of US and Western Europe. Notably, however, Apple, Google and Amazon have not signed up for the convention. Companies from Russia, North Korea and Iran have also not signed the DGC.

(Pause for a moment and think. These companies are multinational. They hold more information about citizens than do governments. This is real power. The power to exert itself at a truly individual level. Power through surveillance, encouragement and discouragement. Self correcting your ‘I am feeling lucky first link’. Power is operating at a truly individual level and a narrow set of choices that you accordingly navigate on the first page of a Google search, whose links appear based upon the independence of your search term but also the dependence of ad words and corresponding advertising revenue)

The 3rd and 4th Industrial Revolution has and will spell a dawn of new international security norms as the Internet becomes the new battlefield of the 21st century.

Thoughtful and informed discourse is necessary to further progress the DGC. 

Transparency holds power to account. DGC is but the first step in molding transparency.