Download This PaperResilience for a Digital Age
2024 University of Chicago Legal Forum 45
Virginia Public Law and Legal Theory Research Paper No. 2024-04
30 Pages Posted: 10 Jan 2024 Last revised: 11 Jan 2024
Date Written: January 7, 2024
Abstract
A resilience agenda is an essential part of protecting national security in a digital age. Digital technologies impact nearly all aspects of everyday life, from communications and medical care to electricity and government services. Societal reliance on digital tools should be paired with efforts to secure societal resilience. A resilience agenda involves preparing for, adapting to, withstanding, and recovering from disruptions in ways that advance societal interests, goals, and values. Emphasizing resilience offers several benefits: 1) Resilience is threat agnostic or at least relatively threat neutral; 2) its inward focus emphasizes actions under the control of a targeted country, rather than attempting to change behaviors of external adversaries; and 3) because resilience can address multiple threats simultaneously, it may be less subject to politicization. A resilience strategy is well-suited to address both disruptions to computer systems—whether from cyberattacks or natural disasters—and disruptions to the information environment from disinformation campaigns sowing discord. A resilience agenda is realistic, not defeatist, and fundamentally optimistic in its focus on how society can withstand and move forward from adverse events.
This Article identifies tactics to bolster resilience against digitally enabled threats across three temporal phases: anticipating and preparing for disruptions, adapting to and withstanding disruptions, and recovering from disruptions. The tactics of a resilience strategy across these phases are dynamic and interconnected. Resilience tactics in the preparation phase could include creating redundancies (including low-tech or no-tech redundancies) or “pre-bunking” disinformation campaigns. Actions in the preparation phase help with adapting to and withstanding disruptions when they are ongoing. Forewarning people about cyberattacks can ensure they do not panic when crucial services cease to function. More persistent and recurrent threats like disinformation campaigns may require structural adaptations, like privacy law reform, to curb the exploitation of personal data that can be used for democracy-damaging disinformation. Recovering from disruptions draws on steps taken earlier. Resilience tactics in the recovery phase could include reverting to manual controls and turning to pre-positioned hardware stockpiles that enable continuity of operations after cyberattacks, as well as supporting and protecting journalists and researchers subject to intimidating online abuse. These are just possibilities—a resilience strategy is ours to imagine and pursue, and doing so is a crucial step to strengthen national security for a digital age.
Keywords: cyber, cybersecurity, disinformation, deepfake, resilience, digital, national security, security, artificial intelligence, AI, misinformation, prebunking
Suggested Citation: Suggested Citation
Kristen Eichensehr (Contact Author)
University of Virginia School of Law ( email )
580 Massie Road
Charlottesville, VA 22903
United States
Danielle Keats Citron
University of Virginia School of Law ( email )
580 Massie Road
Charlottesville, VA 22903
United States