Imagine a world in which you can attack anyone—anywhere—and in which anyone, anywhere, can attack you. Imagine a world in which you might pose a strategic threat to an established government, and in which governments might require your assistance to provide basic security goods to their citizens. Imagine a world in which the basic premise of Hobbes—that empowered government can protect you—were no longer clearly true, a world in which even radically-empowered government proved hapless before more numerous empowered citizens . . . citizens like you.
This is the world the march of technology is quickly building. And we have no idea how to govern it. Even just beginning the daunting process of grappling with this governance problem constitutes a major challenge for the Obama administration in its second term.
The emergence of what I call the world of many-to-many threats and many-to-many defenses is already starkly visible in cyberspace—with its strange mélange of international crime, vigilantism, government enforcement, espionage, and sabotage. But it is a grave, if common, mistake to think about the problem narrowly as one of cybersecurity. Cyberspace, after all, is merely the platform on which the many-to-many threat and defense environment has developed the furthest to date. So when dealing with networked computers, we are shocked—but not too shocked—that Anonymous can take on major corporations. And we are shocked—but not too shocked—that Wikileaks can take on the US government. And we are shocked—but apparently not too shocked, since the case only merits in-passing news coverage—that a fellow in California can write malware to turn the web cameras of hundreds of women and girls on them, take compromising pictures of them, and then use those images to extort them into making pornographic videos for him.