Source linked

Cybersecuritization: How Policymakers Weaponize Cybersecurity to Justify Anything

A new paper by Bruce Schneier surfaces the tactic of reframing misinformation, antitrust, and child safety as cybersecurity emergencies to bypass normal governance

bruce schneiercybersecuritizationcybersecurity policymission creepgovernancetechnology policy

Over a dozen distinct policy fights—from child social media safety laws to antitrust regulations to alleged journalist misconduct—are being quietly rebranded as cybersecurity problems. A new paper by Bruce Schneier calls this "cybersecuritization": the deliberate reframing of non-existential issues as existential technological threats to unlock the politics of urgency and exceptionalism.

The Trump Card of Cybersecurity

Once an issue becomes cybersecuritized, it gains access to arguments that override countervailing considerations. The paper mines cases across criminal and civil domains to show how policymakers cast wildly different problems—misinformation, anti-sex trafficking statutes, even First Amendment challenges—as cybersecurity matters. Positioning them as security threats invites deference to purported specialists and their proposed solutions, oversimplifying the problem and making governance choices more opaque.

What Gets Lost in the Reframe

Reframing antitrust as a cybersecurity issue doesn't just change the vocabulary; it shifts the power dynamic. The paper argues that cybersecuritization erodes public trust and political legitimacy by rendering ultimate choices opaque. Oversimplification invites unidimensional solutions—and the reductiveness means the hard work of governance gets abdicated to the trump card of cybersecurity. Schneier's framework aims to surface this insidious pattern before it normalizes further.

Why Engineers Should Care

If you build security tools or write policy briefs, this paper is a mirror. The same urgency that gets you budget for a vulnerability disclosure program can also be exploited to push through surveillance mandates or drown out due process. Schneier's analysis doesn't prescribe a fix, but it gives you a name for the manipulation: cybersecuritization. Naming it is the first step to reclaiming the hard work of governance from those who would rather shout "cybersecurity" than do the hard work of governing.


Source: Cybersecurity Mission Creep in the US
Domain: schneier.com

Read original source ->

External source stays available while the OJO article and comment thread stay local.

Comments load interactively on the live page.