Political secrecy in Europe: crisis management and crisis exploitation

This article theorises the relationship of crisis and political secrecy in European public policy. Combining the literatures on crisis management and securitisation, it introduces two distinct types of crisis-related secrecy. (1) Reactive secrecy denotes the deliberate concealment of information from the public with the aim of reducing immediate negative crisis consequences. It presents itself as a functional necessity of crisis management. (2) Active secrecy is about substantive or procedural secrecy employed by authority-holders to implement their interests with fewer restraints. Here, secrecy is an instrument of crisis exploitation, reducing obstacles to extraordinary measures. This distinction is based on an understanding of authority-holders as simultaneous legitimacy- and discretion-seekers whose secrecy politics depend on the constraints and opportunities presented by crises. In order to illustrate active and reactive secrecy, the article uses examples from the euro crisis (Eurogroup summitry, ECB sovereign bond purchases) and the security crisis after 9/11 (terror lists)

Secrecy, Fear and Transaction Costs: The Business of Soviet Forced Labour in the Early Cold War

In 1949 the Cold War was picking up momentum. The Soviet state had entered its most secretive phase. The official rationale of secrecy was defense against external enemies. One of the Gulag’s most important secrets was the location of its labour camps, scattered across the length and depth of the Soviet Union. As this secret was guarded more and more closely, the camps began to drop out of the Soviet economic universe, losing the ability to share necessary information and do business with civilian persons and institutions without disclosing a state secret: their own location. For some months in 1949 and 1950, the Gulag’s camp chiefs and central administrators struggled with this dilemma without achieving a resolution. This episode teaches us about the costs of Soviet secrecy and raises basic questions about how secrecy was calibrated.Cold War, Forced Labour, Secrecy, Transaction Costs, Soviet Union

Slave to the Algorithm? Why a \u27Right to an Explanation\u27 Is Probably Not the Remedy You Are Looking For

Algorithms, particularly machine learning (ML) algorithms, are increasingly important to individuals’ lives, but have caused a range of concerns revolving mainly around unfairness, discrimination and opacity. Transparency in the form of a “right to an explanation” has emerged as a compellingly attractive remedy since it intuitively promises to open the algorithmic “black box” to promote challenge, redress, and hopefully heightened accountability. Amidst the general furore over algorithmic bias we describe, any remedy in a storm has looked attractive. However, we argue that a right to an explanation in the EU General Data Protection Regulation (GDPR) is unlikely to present a complete remedy to algorithmic harms, particularly in some of the core “algorithmic war stories” that have shaped recent attitudes in this domain. Firstly, the law is restrictive, unclear, or even paradoxical concerning when any explanation-related right can be triggered. Secondly, even navigating this, the legal conception of explanations as “meaningful information about the logic of processing” may not be provided by the kind of ML “explanations” computer scientists have developed, partially in response. ML explanations are restricted both by the type of explanation sought, the dimensionality of the domain and the type of user seeking an explanation. However, “subject-centric explanations (SCEs) focussing on particular regions of a model around a query show promise for interactive exploration, as do explanation systems based on learning a model from outside rather than taking it apart (pedagogical versus decompositional explanations) in dodging developers\u27 worries of intellectual property or trade secrets disclosure. Based on our analysis, we fear that the search for a “right to an explanation” in the GDPR may be at best distracting, and at worst nurture a new kind of “transparency fallacy.” But all is not lost. We argue that other parts of the GDPR related (i) to the right to erasure ( right to be forgotten ) and the right to data portability; and (ii) to privacy by design, Data Protection Impact Assessments and certification and privacy seals, may have the seeds we can use to make algorithms more responsible, explicable, and human-centered

The Mosaic Theory, National Security, and the Freedom of Information Act

This Note documents the evolution of the mosaic theory in Freedom of Information Act (FOIA) national security law and highlights its centrality in the post-9/11 landscape of information control. After years of doctrinal stasis and practical anonymity, federal agencies began asserting the theory more aggressively after 9/11, thereby testing the limits of executive secrecy and of judicial deference. Though essentially valid, the mosaic theory has been applied in ways that are unfalsifiable, in tension with the text and purpose of FOIA, and susceptible to abuse and overbreadth. This Note therefore argues, against precedent, for greater judicial scrutiny of mosaic theory claims

Secrecy and Democratic Decisions

Secrecy to protect intelligence sources and methods appears often in the nation\u27s discourse about controversial national security matters. Often it is asked whether such secrecy is consistent with the nation\u27s democratic principles and processes. This article argues such principles and processes provide a framework through which we try to answer questions about secrecy and indeed legitimate them, but are often too broad to provide definitive guidance in specific cases. At the same time, the sources and methods argument itself is overbroad because of the nature of the sources and methods themselves; the tentative nature of intelligence assessments derived from those sources and methods; the often modest role intelligence plays in policymaking; the sometimes flawed logic of the sources and methods argument; and the costs incurred by information asymmetries. This has several implications for the use of secrecy in decisions of national moment; the protection of civil liberties and the state secrets privilege; and oversight of the intelligence community and others who make the sources and methods argument

Evolution of security engineering artifacts: a state of the art survey

Security is an important quality aspect of modern open software systems. However, it is challenging to keep such systems secure because of evolution. Security evolution can only be managed adequately if it is considered for all artifacts throughout the software development lifecycle. This article provides state of the art on the evolution of security engineering artifacts. The article covers the state of the art on evolution of security requirements, security architectures, secure code, security tests, security models, and security risks as well as security monitoring. For each of these artifacts the authors give an overview of evolution and security aspects and discuss the state of the art on its security evolution in detail. Based on this comprehensive survey, they summarize key issues and discuss directions of future research