Rent seeking and digital media exploitation
We hear news of one of the more disturbing aspects of legal intrusion into the intelligence field – the tendency of lawmakers and regulators to craft protectionist legislation – enabling and encouraging rent seeking behaviors that would never survive in a more open marketplace.
This time around it is an area which at first blush might seem tangential to the profession of intelligence - but it is more closely associated with other issues in the field than we would like. South Carolina may force those private parties involved in digital forensics to hold a private investigation license – that hoary old document so beloved of fiction authors and scandal page writers.
The PI business has clearly been losing a lot of ground over the past few decades as business has become ever more global in nature – and not that it ever had much ground to begin with, in the more rarified professional atmospheres of major multinationals. The few top tier exceptions in the field have undergone some dramatic shifts – so much so that reporting on the industry’s turmoil became a staple of the Indigo Publication’s Intelligence Online newsletter. Major players from consulting firms and more specialized shops have emerged to carve away what might have been business opportunities, especially since most executives (and more critically, the lawyers who advise them) disdain the “hard-boiled” image that the term PI evokes. Even if in the modern business of investigations such an image is only a stereotype, it has a strong impact on business realities.
Digital forensics is a pretty wide field, even despite its relative youth. It encompasses activities as disparate as internal systems monitoring, to compliance auditing, to the full range of criminal search and seizure. What it means in a networked world is still very much being explored – particularly given the challenges posed by rapidly evolving hostile technology innovations. In its more advanced networked forms, it often begins to resemble more closely activities in the signals intelligence domain. While this is understandable from the perspective of intelligence studies theory, given that the native competencies of intelligence in the cyber domain have yet to be recognized, it is far to early to allow regulatory frameworks to disrupt the development of the discipline – especially a framework which imposes mechanisms better suited to the Industrial age of rail than the modern age of networks.
We oppose this line of thinking not only for the immediate harm it causes, but for the slippery slope it creates. With each new regulatory overreach, additional activities within the intelligence field become new marginal examples that could be brought under one’s favoured framework. From digital media exploitation it is not far to also seize upon the regulation of document exploitation, and from DOCEX it is easy to bring other aspects of OSINT under the sway of those seeking to profit from entrenched positions. How long then before simple searches within a database, or simple overt elicitation contacts, will require a licensing regime – and one ruled by a clique of established players with only the "right" kind of political connections?
This is among the reasons why we have also opposed the creation of arbitrary standards bodies seeking to define professionalism within the intelligence field – especially those composed of academics who cannot even properly conceptualize many of the key aspects of the profession as it is actually practiced, let alone standardize external measures by which practitioners might be judged. We hold no objection to bodies seeking to advance professionalization through a community of interest, a strong literature, and leadership by example. We also see no issue in individual standards being put into place in specific circumstances – such as the conditions under which a court will recognize sufficient expertise for testimony, or how a government agency will certify knowledge and experience ample for the performance of a contract it is to award, or how employees will be evaluated for promotion within a given shop. But these are far different things than the regulatory creature now rearing its ugly head.
We hope that some degree of sanity will return to these discussions, particularly should the lobbyist guns of the major consulting firm players be warmed up to play against the bush league minors that appear to be driving this process. While the South Carolina case is but one state, the precedent could create more widespread attempts at similar rent-seeking behaviors, both geographically and down that slippery slope of further overreach.
h/t Slashdot
This time around it is an area which at first blush might seem tangential to the profession of intelligence - but it is more closely associated with other issues in the field than we would like. South Carolina may force those private parties involved in digital forensics to hold a private investigation license – that hoary old document so beloved of fiction authors and scandal page writers.
The PI business has clearly been losing a lot of ground over the past few decades as business has become ever more global in nature – and not that it ever had much ground to begin with, in the more rarified professional atmospheres of major multinationals. The few top tier exceptions in the field have undergone some dramatic shifts – so much so that reporting on the industry’s turmoil became a staple of the Indigo Publication’s Intelligence Online newsletter. Major players from consulting firms and more specialized shops have emerged to carve away what might have been business opportunities, especially since most executives (and more critically, the lawyers who advise them) disdain the “hard-boiled” image that the term PI evokes. Even if in the modern business of investigations such an image is only a stereotype, it has a strong impact on business realities.
Digital forensics is a pretty wide field, even despite its relative youth. It encompasses activities as disparate as internal systems monitoring, to compliance auditing, to the full range of criminal search and seizure. What it means in a networked world is still very much being explored – particularly given the challenges posed by rapidly evolving hostile technology innovations. In its more advanced networked forms, it often begins to resemble more closely activities in the signals intelligence domain. While this is understandable from the perspective of intelligence studies theory, given that the native competencies of intelligence in the cyber domain have yet to be recognized, it is far to early to allow regulatory frameworks to disrupt the development of the discipline – especially a framework which imposes mechanisms better suited to the Industrial age of rail than the modern age of networks.
We oppose this line of thinking not only for the immediate harm it causes, but for the slippery slope it creates. With each new regulatory overreach, additional activities within the intelligence field become new marginal examples that could be brought under one’s favoured framework. From digital media exploitation it is not far to also seize upon the regulation of document exploitation, and from DOCEX it is easy to bring other aspects of OSINT under the sway of those seeking to profit from entrenched positions. How long then before simple searches within a database, or simple overt elicitation contacts, will require a licensing regime – and one ruled by a clique of established players with only the "right" kind of political connections?
This is among the reasons why we have also opposed the creation of arbitrary standards bodies seeking to define professionalism within the intelligence field – especially those composed of academics who cannot even properly conceptualize many of the key aspects of the profession as it is actually practiced, let alone standardize external measures by which practitioners might be judged. We hold no objection to bodies seeking to advance professionalization through a community of interest, a strong literature, and leadership by example. We also see no issue in individual standards being put into place in specific circumstances – such as the conditions under which a court will recognize sufficient expertise for testimony, or how a government agency will certify knowledge and experience ample for the performance of a contract it is to award, or how employees will be evaluated for promotion within a given shop. But these are far different things than the regulatory creature now rearing its ugly head.
We hope that some degree of sanity will return to these discussions, particularly should the lobbyist guns of the major consulting firm players be warmed up to play against the bush league minors that appear to be driving this process. While the South Carolina case is but one state, the precedent could create more widespread attempts at similar rent-seeking behaviors, both geographically and down that slippery slope of further overreach.
h/t Slashdot
Labels: cyber intelligence, intelligence law, lawfare, privatization of intelligence, professionalization, use and misuse of intelligence
<< Home