Tag Archives: Cybersecurity

A Multiverse of Metaverses

By Sadev Parikh

Eric Ravenscraft’s Wired article shows us the difficulty of defining the “metaverse,” which may be better understood through the lens of Wittgenstein’s idea of family resemblances than through any attempt at clear-cut definition. Metaverse can be seen as a concept made up of family resemblances that include elements of virtual reality, augmented reality, and haptic feedback. While these technical elements may ground the concept, various metaverses could vary along parameters such as the centralization of power, financialization, and degree of anonymity for users. Armed with this framework, we might predict how the metaverse may manifest in the United States.

Considering centralization of power, we see two competing visions: one concentrated around Facebook (i.e., Meta), and the vision of a “Web 3” that might include worlds like Decentraland built around principles of decentralized decision-making and power enabled by blockchain technology.

A Facebook-driven metaverse could become the dominant mode, simply through its incumbent network effects and persistence as a premier destination for advertisers, as well as customer lock-in stemming from adjacent services (such as Messenger, Groups) that are increasingly essential to participating in modern life. The “Future Threats to Digital Democracy” report captures internet harms directly tied to the influence of Facebook and its business model on the internet.

Digitally impaired cognition is driven by social media content algorithms “engineered for virality, sensationalism, provocation and increased attention.” Reality apathy comes from the diffusion of re-shared negative content that is upranked by Facebook’s algorithms. It’s easy to imagine that a Facebook-driven metaverse is therefore likely to replicate the same features given Facebook’s need to monetize.

Only now, Facebook’s paradigm may disintermediate not only our cognitive lives via smartphones but also our physical interactions, from the mundane like work meetings to even intimate moments like hugging enabled by haptic feedback suits. That said, perhaps Libra’s failure and Facebook’s February stock plummet portend a future where Mark Zuckerberg’s dreams no longer translate inevitably to our reality.

Continue reading A Multiverse of Metaverses

Bubbles Over Barriers: Amending the Foreign Sovereign Immunities Act for Cyber Accountability

More and more often, the Foreign Sovereign Immunities Act (FSIA) has protected cyberattack-conducting state actors and their cybersecurity contractors from legal liability and suits brought by victims seeking redress in US courts.

Adam Silow argues that it is time for foreign sovereign immunity to receive an update for the digital era. State-sponsored cyberattacks and their use of cybersecurity contractors are increasing, particularly affecting human rights activists and large companies with key data and trade secrets. The US government’s responses, namely, diplomacy, sanctions, or issuing “speaking indictments” by prosecutors have been inadequate, and statutory language of the FSIA does not clearly allow liability for cyberattacks, even under the new terrorism amendments.

Some experts propose merely amending the language to include liability for all cyberattacks, which Silow argues may inadvertently allow liability for legitimate state action. Instead, Silow concludes that more targeted legislation should protect specific victims of cyberattacks, namely human rights activists and targets of trade secrets, and allow those victims to legally overcome foreign sovereign immunity in US courts.

Outsourcing the Cyber Kill Chain: Reinforcing the Cyber Mission Force and Allowing Increased Contractor Support of Cyber Operations

The United States is under a growing and constant threat of cyberattack. US cybersecurity strategy has evolved in response, adapting to the new threat climate by committing US Cyber Command to more aggressive and persistent peacetime cyber operations. However, the Department of Defense Cyber Mission Force (CMF) has been stretched thin attempting to carry out its new mission, requiring additional commitments to resourcing, force size, and capabilities.

Homer A. La Rue argues that increased participation of private contractors in US cyber operations is the best way to bolster the CMF’s capabilities, at least in the short term. Contractors may be particularly useful in “gray-zone” operations, that is, operation in the area that exists beyond the threshold of conventional diplomacy but falls short of conventional war.

Although there are challenges and risks to increased contractor participation in cyber operations—particularly related to command and control—La Rue argues that methods of managing these risks already exist and that the benefits of outsourcing cyber operations outweighs the risks.