Internet Freedom, Human Rights and Power

Internet freedom is rapidly becoming understood as a normative framework for how the Internet should function and be used globally. Recently declared a human right by the United Nations, it also forms a central pillar of the USA's 21st Century Statecraft foreign policy doctrine. This article argues that although there is a clear human rights agenda present in this policy, there is also a power element which is much less discussed or acknowledged in the vast literature on Internet freedom. Through an exploration of both a short history and some important lessons learned about Internet freedom, this article demonstrates how the US Department of State has adapted to the information age in such a way as to harness individual agency (reconceptualised in policy terms as ‘civilian power’) for the promotion of state power. Although this is by no means as stable or reliable as some more conventional mechanisms, it is an expression of power that meets with few challenges to its legitimacy

Scanner Specific Uncertainty of Quantitative MRI: Assessing Consistency for Clinical Implementation

In the past, many of the steps involved in the radiotherapy workflow have been heavily reliant on X-ray based anatomical imaging. Incorporating additional imaging modalities in this workflow has been shown to be promising. This includes aiding in generating and modifying a patient’s treatment regimen and also helping determine a patient’s response to treatment. Magnetic resonance imaging (MRI) is one of these modalities which can provide both enhanced soft-tissue anatomical images and supplementary information relating to changes in tissue physiology (which occurs at a faster rate than anatomical changes). Quantitative imaging biomarkers (QIBs), derived from quantitative MRI (qMRI) techniques, are measurable quantities that relate to tissue physiology (e.g., diffusion or perfusion) and thus are of particular interest in radiotherapy. Given these capabilities, there is potential for MRI to replace X-ray imaging in several steps of the radiotherapy workflow. However, until recent years there were no qMRI quality assurance (QA) guidelines available for departments to assess the technical performance of QIBs on their MRI scanners (e.g., accuracy and repeatability). This resulted in limited work being completed that investigates QIB performance metrics; ultimately limiting the widespread clinical utilisation of qMRI techniques. These investigations are essential to determine if the quantitative values derived can be accurately used to guide radiotherapy workflow decisions

Cybersecurity in UK Universities: mapping (or managing) threat intelligence sharing within the higher education sector

Higher education has recently been identified as a sector of concern by the UK National Cyber Security Centre (NCSC). In 2021, the NCSC reported that universities and higher education institutions (HEI) had been exponentially targeted by cyber-criminals. Existing challenges were amplified or highlighted over the course of the global pandemic when universities struggled to continue to function through hybrid and remote teaching provision that relied heavily on their digital estate and services. Despite the value of the sector and the vulnerabilities within it, higher education has received relatively little attention from the cybersecurity research community. Over 2 years, we carried out numerous interventions and engagements with the UK higher education sector. Through interviews with cybersecurity practitioners working in the sector as well as roundtables, and questionnaires, we conducted a qualitative and quantitative analysis of threat intelligence sharing, which we use as a proxy for measuring and analysing collaboration. In a unique approach to studying collaboration in cybersecurity, we utilized social network analysis. This paper presents the study and our findings about the state of cybersecurity in UK universities. It also presents some recommendations for future steps that we argue will be necessary to equip the higher education sector to continue to support UK national interests going forward. Key findings include the positive inclination of those working in university cybersecurity to collaborate as well as the factors that impede that collaboration. These include management and insurance constraints, concerns about individual and institutional reputational damage, a lack of trusted relationships, and the lack of effective mechanisms or channels for sectoral collaboration. In terms of the network itself, we found that it is highly fragmented with a very small number of the possible connections active, none of the organizations we might expect to facilitate collaboration in the network are playing a significant role, and some universities are currently acting as key information bridges. For these reasons, any changes that might be led by sectoral bodies such as Jisc, UCISA or government bodies such as NCSC, would need to go through these information brokers

The irony of the information age : US power and the Internet in international relations

Despite the pervasiveness of the Internet and its importance to a wide range of state functions, we still have little understanding of the implications of this technology for power in the context of International Relations. The Internet has led to a power paradox which forms the central 'puzzle' of this research project. President Obama has described as "the great irony of our Information Age" the fact that those states which have most successfully adopted and exploited the opportunities afforded by the Internet are also most vulnerable to the threats which accompany it. Power enhancing outcomes such as economic growth, and public diplomacy have to be balanced against the theft of intellectual property and attacks on critical infrastructure. No previous technology has been regarded concurrently as a source of power and vulnerability in quite the way that the Internet has. Existing International Relations theories of power, developed in the context of industrial technology, have struggled to incorporate the complexities of the Internet. For much of the 20th century, scholars of International Relations have regarded technology as a constitutive and material element of state power. An understanding of technology as an exogenous factor which impacts upon power and produces universal effects regardless of political context is a conception which misses as much as it reveals in the analysis of power in the information age. This thesis combines the Philosophy of Technology with theories about power from International Relations in order to build a conceptual framework for the study of state power in the information age. It utilises this framework for the study of how conceptions of US power have shaped and influenced three aspects of Internet technology; cyber security, Internet governance and network neutrality. In doing so, the study produces a set of findings which contribute some forward momentum to the stalled debates in International Relations about whether the Internet enhances state power more than it undermines it. The thesis clearly demonstrates that political decisions about technology have directly and profoundly influenced the way the Internet has developed that they have ongoing implications for how the power to control information is distributed. In addition, it was found that US politicians engage with multiple conceptions of power when they debate Internet technology. These conceptions of power can lead to contradictory policy implications and when they do, the decisions that politicians make about whether to privilege material power or social power lead to insights about how they expect US power to function in the information age. Finally, authority and legitimacy were found to be important factors in the exercise of power in this context but significantly, a sense of political authority was often absent in debates about Internet technology policy. These findings underscore the arguments running through this thesis. First, that the implications of the Internet for state power cannot be understood without deeply engaging in the political context in which they are situated and second, that the relationship between power and information technology differs qualitatively from the relationship between power and industrial technology

Cybersecurity in UK universities: mapping (or managing) threat intelligence sharing within the higher education sector

Higher education has recently been identified as a sector of concern by the UK National Cyber Security Centre (NCSC). In 2021, the NCSC reported that universities and higher education institutions (HEI) had been exponentially targeted by cyber-criminals. Existing challenges were amplified or highlighted over the course of the global pandemic when universities struggled to continue to function through hybrid and remote teaching provision that relied heavily on their digital estate and services. Despite the value of the sector and the vulnerabilities within it, higher education has received relatively little attention from the cybersecurity research community. Over 2 years, we carried out numerous interventions and engagements with the UK higher education sector. Through interviews with cybersecurity practitioners working in the sector as well as roundtables, and questionnaires, we conducted a qualitative and quantitative analysis of threat intelligence sharing, which we use as a proxy for measuring and analysing collaboration. In a unique approach to studying collaboration in cybersecurity, we utilized social network analysis. This paper presents the study and our findings about the state of cybersecurity in UK universities. It also presents some recommendations for future steps that we argue will be necessary to equip the higher education sector to continue to support UK national interests going forward. Key findings include the positive inclination of those working in university cyber security to collaborate as well as the factor s that impede that collaboration. These include management and insurance constraints, concerns about individual and institutional reputational damage, a lack of trusted relationships, and the lack of effective mechanisms or channels for sectoral collaboration. In terms of the network itself, we found that it is highly fragmented with a very small number of the possible connections active, none of the organizations we might expect to facilitate collaboration in the network are playing a significant role, and some universities are currently acting as key information bridges. For these reasons, any changes that might be led by sectoral bodies such as Jisc, UCISA or government bodies such as NCSC, would need to go through these information brokers

Qualitative factors in organizational cyber resilience

Cyber resilience moves organizations away from efforts to guarantee security of all systems, towards an approach that acknowledges that systems are bound to fail with a focus instead on the impact of that failure on business objectives. While the work on cyber resilience is evolving, there is a lack of studies using qualitative data for investigating the concepts and themes pertaining to cyber resilience in organizations. The purpose of this study is to uncover the non-technical organizational factors that contribute to better cyber resilience. By adopting a qualitative approach of analyzing factors of organizational resilience, this paper uses primary data collected through 25 interviews at senior leadership or board-level to point out the extent to which these factors facilitate or impede cyber resilience. The study illustrates a Leximancer map of each factor that characterizes organizational cyber resilience, based on insights from cyber practitioner communities through narrative interviews. This research contributes to a better theoretical and practical understanding of how cyber resilience within organizations can be improved. The findings show that cyber strategy and skilled people play a key role in adoption of cyber culture at the management level, while communication between boards and security leadership as well as a clear reporting structure are signals for building cyber resilience

Lessons from the GDPR in the COVID-19 era

As the coronavirus (COVID-19) pandemic keeps claiming human lives and ravaging the global economy, governments, businesses and individuals have turned to digital technologies to both contain the virus and adapt to the ‘new normal’. To interrupt the chain of transmission more effectively, numerous contact-tracing apps - which notify people that they have been in close proximity with COVID-19 carriers - have been rolled out globally. Restaurants, pubs and hospitality businesses have embraced a multitude of mobile apps allowing customers to book tables, place orders and make payments remotely and without human contact, in a move to protect their staff and facilitate social distancing. In response to lockdown measures, people have flocked to the Internet to work, conduct business, stay close with friends and relatives, find entertainment and more. In fact, Facebook, Amazon and YouTube have reportedly lowered the quality of video streaming in Europe to reduce the strain on Internet networks,[1] and companies like Netflix and Zoom have experienced dramatic growth.[2] In this context of expanding datafication of our health and every other aspect of our lives, the COVID-19 pandemic has stress tested not only our healthcare infrastructure but also the soundness of Europe’s General Data Protection Regulation (GDPR) following its entry into force about two years ago. Two important trends can be discerned from this test. First, observance of the GDPR has overall impeded the deployment of excessively invasive contacttracing-based surveillance to contain the virus. Second, as we increase reliance on digital technologies during the pandemic, it becomes virtually impossible to prevent more aspects of our lives from being intensively monitored by both established big tech firms and a growing number of private actors. These two trends combined reveal a transparency and accountability gap between the public and the private sector which warrant innovative solutions to uphold our fundamental rights to privacy and protection of personal data

Optimizing Evaluation and Treatment of Patients with Nausea and Vomiting of Pregnancy in the Emergency Department

Problem Definition Nausea and vomiting of pregnancy (NVP). Approximately 50% prevalence rate Pregnant patients with NVP require special considerations for treatment Long ER wait times Possibly avoidable hospital admission

Using the blockchain to enable transparent and auditable processing of personal data in cloud- based services: Lessons from the Privacy-Aware Cloud Ecosystems (PACE) project

The architecture of cloud-based services is typically opaque and intricate. As a result, data subjects cannot exercise adequate control over their personal data, and overwhelmed data protection authorities must spend their limited resources in costly forensic efforts to ascertain instances of non-compliance. To address these data protection challenges, a group of computer scientists and socio-legal scholars joined forces in the Privacy-Aware Cloud Ecosystems (PACE) project to design a blockchain-based privacy-enhancing technology (PET). This article presents the fruits of this collaboration, highlighting the capabilities and limits of our PET, as well as the challenges we encountered during our interdisciplinary endeavour. In particular, we explore the barriers to interdisciplinary collaboration between law and computer science that we faced, and how these two fields’ different expectations as to what technology can do for data protection law compliance had an impact on the project's development and outcome. We also explore the overstated promises of techno-regulation, and the practical and legal challenges that militate against the implementation of our PET: most industry players have no incentive to deploy it, the transaction costs of running it make it prohibitively expensive, and there are significant clashes between the blockchain's decentralised architecture and GDPR's requirements that hinder its deployability. We share the insights and lessons we learned from our efforts to overcome these challenges, hoping to inform other interdisciplinary projects that are increasingly important to shape a data ecosystem that promotes the protection of our personal data