Public bodies and agencies increasingly seek to use new forms of data analysis in order to provide 'better public services'. These reforms have consisted of digital service transformations generally aimed at 'improving the experience of the citizen', 'making government more efficient' and 'boosting business and the wider economy'. More recently however, there has been a push to use administrative data to build algorithmic models, often using machine learning, to help make day-to-day operational decisions in the management and delivery of public services rather than providing general policy evidence. This chapter asks several questions relating to this. What are the drivers of these new approaches? Is public sector machine learning a smooth continuation of e-Government, or does it pose fundamentally different challenge to practices of public administration? And how are public management decisions and practices at different levels enacted when machine learning solutions are implemented in the public sector? Focussing on different levels of government: the macro, the meso, and the 'street-level', we map out and analyse the current efforts to frame and standardise machine learning in the public sector, noting that they raise several concerns around the skills, capacities, processes and practices governments currently employ. The forms of these are likely to have value-laden, political consequences worthy of significant scholarly attention.
The Internet of Things (IoT) is a disruptive innovation known for its socio-economic potential, but also for generating unprecedented vulnerabilities and threats. As a dynamic sociotechnical system, the IoT comprises well-known cybersecurity risks and endemic uncertainties that arise as IoT adoption increases and the system evolves. We highlight the impact of these challenges by analyzing how insecure IoT devices pose threats to both consumer protection and the Internet's infrastructure. While recent regulatory responses are starting to target IoT security risks, crucial deficienciesespecially related to the feedback necessary to keep pace with emerging risks and uncertaintiesmust be addressed. We propose a model of adaptive regulatory governance that integrates the benefits of centralized risk regulatory frameworks with the operational knowledge and mitigation mechanisms developed by epistemic communities that manage day-to-day Internet security. Rather than focusing on the choice of regulatory instruments, this model builds on the "planned adaptive regulation" literature to highlight the need to systematically plan for a knowledge-sharing interface in regulatory governance design for disruptive technologies, facilitating the feedback necessary to address evolving IoT security risks.
The standards landscape for IoT security is currently developing in a fragmented manner. This paper provides a review of the main IoT security standards and guidelines that have been developed by formal standardisation organisations and transnational industry associations and interest alliances to date. The review makes three main contributions to the study of current IoT standards-development processes. First, governments and regulatory agencies in the EU and the US are increasingly considering the promotion of baseline IoT security requirements, achieved through public procurement obligations and cybersecurity certification schemes. Second, the analysis reveals that the IoT security standards landscape is dominated by de facto standards initiated by a diverse range of industry associations across the IoT ecosystem. Third, the paper identifies a number of key challenges for IoT security standardisation, most notably: a) the difficulty of setting a baseline for IoT security across all IoT applications and domains; and b) the difficulty of monitoring the adoption, implementation and effectiveness of IoT security standards and best practices. The paper consequently contributes to a better understanding of the evolution of IoT security standards and proposes a more coherent standards development and deployment approach.
Ongoing efforts by state actors to collaborate on addressing the challenges of global cybersecurity have been slow to yield results. Technical expert communities such as Computer Security and Incident Response Teams (CSIRTs) have played a fundamental role in maintaining the Internet's functional structure through transnational collaboration. Responsible for security incident management and located in diverse constituencies, these coordination centres engage in joint responses and solve day‐to‐day cybersecurity problems through diverse national, regional and international networks. This article argues that CSIRTs form an epistemic community that engages in science diplomacy, at times navigating geopolitical tensions in a way that political actors are not able to. Through interviews with CSIRT representatives, we explain how their collaborative actions, rooted in shared technical knowledge, norms and best practices, contribute to the advancement of international cooperation on cybersecurity.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.