CSET occasionally provides a forum for guest writers to offer their expertise and opinions on emerging technology topics. They may describe a looming challenge or offer new recommendations regarding existing ones. The goal is to present fresh ideas, spark debate, and shape future research. Share your views on this paper with us at cset@georgetown.edu.
Executive Summary
The digital world is increasingly defined by unmitigable risks. Our data cannot be protected at scale. Systems make decisions that their programmers will never understand. It is no longer rare to encounter failures that cannot be addressed even after they are detected. With the fabric of human society so thoroughly digital—driving decisions in healthcare, finance, national security, transportation, and more—nothing less than long-term societal stability is at stake.
In this paper, we argue that digital environmentalism is the only answer to these woes. By “digital environmentalism,” we mean placing individual decisions within the broader context of the risks each generates and ensuring that these risks are distributed by intent rather than by happenstance.
In particular, we contest that the digital hazards we now face are a result of core assumptions about our world—key principles through which we view our basic relationship to technology. We call these assumptions grand “articles of faith,” and provide an overview of three such assumptions in Section 1.
The first article of faith is that there was, and continues to be, a meaningful distinction between the digital and the physical worlds. Put in simpler terms, the idea is that because it once made sense to separate the digital from the physical, it makes sense to continue to do so.
Second is the assumption that technology will always be able to ameliorate our woes—even when technology itself is the cause of our problems. Stated more broadly, this assumption has led us to a world in which technology solves one problem, only to create another, to which we apply a new technological fix, ad infinitum.
Last is the assumption that limitless growth can and should lead to limitless innovation—that is, innovation driving positive feedback loops within itself and without end.
Each of these articles of faith is, to put it simply, mistaken. Each in different ways, and each for different reasons. But each is contributing to a digital world that is fundamentally unsafe for those who populate it.
So what do we suggest? How, given the depth of our problems, are we to secure the world that we technologists are so busily creating?
We argue for three core solutions, knowing full well that much more action is needed. We do so in Section 2.
The first lies in empowering a single regulatory authority—be it the Federal Trade Commission or a new Digital Safety Administration—with the expertise and ability to enforce the limits in cyberspace that we believe are necessary. Such limits involve the creation and enforcement of standards for software development, and some form of mandatory auditing for portions of deployed code.
Second is equipping such an agency with tools to enforce core principles of sustainability. This means ensuring that new code and devices create a meaningful improvement in utility compared to existing alternatives, and are not simply developed for novelty’s sake. It also means forcibly retiring unmaintained code when it is abandoned, as well as mandating accountability through independent assessments, or “red teams,” that are focused on the risks of new technology before that technology is deployed.
Last is the removal—by Congress, the courts, regulatory agencies, or a combination—of software vendors’ ability to disclaim liability in its entirety from their products. Holding software vendors to the same standards as every other industry will, over time, reduce the ability of flawed software to be introduced into the market.
Is it too late to secure the digital world? Is changing our collective approach to technology even feasible?
The momentum is against us; we readily admit that fact. The articles of faith we describe in this paper are deeply held and even more deeply ingrained. It will take significant commitment if we are to reverse these trends and to create a more sustainable digital world. We do not doubt any of these facts.
And yet so, too, are the stakes high. We now deploy code for almost every activity, and we are fast approaching a world where major portions of the software we rely on are incomprehensible and bug-ridden. A litany of failures therefore awaits us.
The time to take action, in other words, is now—before it is too late.