In 2009, world events collided with Schaake’s position as a newly-seated MEP. While the democratic elections in the EU were unfolding without incident, 3,000 miles away in Iran, a very different story was unfolding. Following the re-election of Mahmoud Ahmadinejad to a second term as Iran’s president, allegations of fraud and vote tampering were immediately voiced by supporters of former prime minister Mir-Hossein Mousavi, the leading candidate opposing Ahmadinejad. The protests that followed quickly morphed into the Green Movement, one of the largest sustained protest movements in Iran’s history after the Iranian Revolution of 1978 and until the protests against the death of Mahsa Amini began in September 2022.
 
With the protests came an increased wave of state violence against the demonstrators. While repression and intimidation are nothing new to autocratic regimes, in 2009 the proliferation of cell phones in the hands of an increasingly digitally connected population allowed citizens to document human rights abuses firsthand and beam the evidence directly from the streets of Tehran to the rest of the world in real-time.
 
As more and more footage poured in from the situation on the ground, Schaake, with a pre-politics background in human rights and a specific interest in civil rights, took up the case of the Green Movement as one of her first major issues in the European Parliament. She was appointed spokesperson on Iran for her political group. 

The Best of Tech and the Worst of Tech

But the more Schaake learned, the clearer it became that the Iranian were not the only ones using technology to stay informed about the protests. Meeting with ights defenders who had escaped from Iran to Eastern Turkey, Schaake was told anecdote after anecdote about how the Islamic Republic’s authorities were using tech to surveil, track, and censor dissenting opinions.
 
Investigations indicated that they were utilizing a technique referred to then as “deep packet inspection,” a system which allows the controller of a communications network to read and block information from going through, alter communications, and collect data about specific individuals. What was more, journalists revealed that many of the systems such regimes were using to perform this type of surveillance had been bought from, and were serviced by, Western companies.
 
For Schaake, this revelation was a turning point of her focus as a politician and the beginning of her journey into the realm of cyber policy and tech regulation.
 
“On the one hand, we were sharing statements urging to respect the human rights of the demonstrators. And then it turned out that European companies were the ones selling this monitoring equipment to the Iranian regime. It became immediately clear to me that if technology was to play a role in enhancing human rights and democracy, we couldn’t simply trust the market to make it so; we needed to have rules,” Schaake explained.

The Transatlantic Divide

But who writes the rules? When it comes to tech regulation, there is longstanding unease between the private and public sectors, and a different approach between the East and West shores of the Atlantic. In general, EU member countries favor oversight of the technology sector and have supported legislation like the General Data Protection Regulation (GDPR) and Digital Services Act to protect user privacy and digital human rights. On the other hand, major tech companies — many of them based in North America — favor the doctrine of self-regulation and frequently cite claims to intellectual property or widely-defined protections such as Section 230 as a justification for keeping government oversight at arm’s length. Efforts by governing bodies like the European Union to legislate privacy and transparency requirements are with raised hackles 
 
It’s a feeling Schaake has encountered many times in her work. “When you talk to companies in Silicon Valley, they make it sound as if Europeans are after them and that these regulations are weapons meant to punish them,” she says.
 
But the need to place checks on those with power is rooted in history, not histrionics, says Schaake. Memories of living under the eye of surveillance states such as the Soviet Union and East Germany still are fresh on many European’s minds. The drive to protect privacy is as much about keeping the government in check as it is about reining in the outsized influence and power of private technology companies, Schaake asserts.
 

Big Brother Is Watching

In the last few years, the momentum has begun to shift. 
 
In 2020, a joint reporting effort by The Guardian, The Washington Post, Le Monde, Proceso, and over 80 journalists at a dozen additional news outlets worked in partnership with Amnesty International and Forbidden Stories to publish the Pegasus Project, a detailed report showing that spyware from the private company NSO Group was used to target, track, and retaliate against tens of thousands journalists, activists, civil rights leaders, and even against prominent politicians around the world.
 
This type of surveillance has innovated quickly beyond the network monitoring undertaken by regimes like Iran in the 2000s, and taps into the most personal details of an individual’s device, data, and communications. In the absence of widespread regulation, companies like NSO Group have been able to develop commercial products with capabilities as sophisticated as state intelligence bureaus. In many cases, “no-click” infections are now possible, meaning a device can be targeted and have the spyware installed without the user ever knowing or having any suspicions that they have become a victim of covert surveillance.

“If we were to create a spectrum of harmful technologies, spyware could easily take the top position,” said Schaake, speaking as the moderator of a panel on “Countering the Misuse of Technology and the Rise of Digital Authoritarianism” at the 2023 Summit for Democracy co-hosted by U.S. President Joe Biden alongside the governments of Costa Rica, the Netherlands, Republic of Korea, and Republic of Zambia.
 
Revelations like those of the Pegasus Project have helped spur what Schaake believes is long-overdue action from the United States on regulating this sector of the tech world. On March 27, 2023, President Biden signed an executive order prohibiting the operational use of commercial spyware products by the United States government. It is the first time such an action has been formally taken in Washington.
 
For Schaake, the order is a “fantastic first step,” but she also cautions that there is still much more that needs to be done. The use of spyware made by the government is not limited by Biden's executive order, and neither is the use by individuals who can get their hands on these tools. 

Human Rights vs. National Security

One of Schaake’s main concerns is the potential for governmental overreach in the pursuit of curtailing the influence of private companies.
 
Schaake explains, “What's interesting is that while the motivation in Europe for this kind of regulation is very much anchored in fundamental rights, in the U.S., what typically moves the needle is a call to national security, or concern for China.”
 
It is important to stay vigilant about how national security can become a justification for curtailing civil liberties. Writing for the Financial Times, Schaake elaborated on the potential conflict of interest the government has in regulating tech more rigorously:
 
“The U.S. government is right to regulate technology companies. But the proposed measures, devised through the prism of national security policy, must also pass the democracy test. After 9/11, the obsession with national security led to warrantless wiretapping and mass data collection. I back moves to curb the outsized power of technology firms large and small. But government power must not be abused.”
 
While Schaake hopes well-established democracies will do more to lead by example, she also acknowledges that the political will to actually step up to do so is often lacking. In principle, countries rooted in the rule of law and the principles of human rights decry the use of surveillance technology beyond their own borders. But in practice, these same governments are also sometimes customers of the surveillance industrial complex. 

Schaake has been trying to make that disparity an impossible needle for nations to keep threading. For over a decade, she has called for an end to the surveillance industry and has worked on developing export controls rules for the sale of surveillance technology from Europe to other parts of the world. But while these measures make it harder for non-democratic regimes to purchase these products from the West, the legislation is still limited in its ability to keep European and Western nations from importing spyware systems like Pegasus back into the West. And for as long as that reality remains, it undermines the credibility of the EU and West as a whole, says Schaake. 
 
Speaking at the 2023 Summit for Democracy, Schaake urged policymakers to keep the bigger picture in mind when it comes to the risks of unaccountable, ungoverned spyware industries. “We have to have a line in the sand and a limit to the use of this technology. It’s extremely important, because this is proliferating not only to governments, but also to non-state actors. This is not the world we want to live in.”

Building Momentum for the Future

Drawing those lines in the sands is crucial not just for the immediate safety and protection of individuals who have been targeted with spyware but applies to other harms of technology vis-a-vis the long-term health of democracy.

“The narrative that technology is helping people's democratic rights, or access to information, or free speech has been oversold, whereas the need to actually ensure that democratic principles govern technology companies has been underdeveloped,” Schaake argues.

While no longer an active politician, Schaake has not slowed her pace in raising awareness and contributing her expertise to policymakers trying to find ways of threading the digital needle on tech regulation. Working at the Cyber Policy Center at the Freeman Spogli Institute for International Studies (FSI), Schaake has been able to combine her experiences in European politics with her academic work in the United States against the backdrop of Silicon Valley, the home-base for many of the world’s leading technology companies and executives.
 
Though now half a globe away from the European Parliament, Schaake’s original motivations to improve society and people’s lives have not dimmed.

“It’s up to us to guarantee the upsides of technology and limit its downsides. That’s how we are going to best serve our democracy in this moment,” she says.
 
Schaake is clear-eyed about the hurdles still ahead on the road to meaningful legislation about tech transparency and human rights in digital spaces. With a highly partisan Congress in the United States and other issues like the war in Ukraine and concerns over China taking center stage, it will take time and effort to build a critical mass of political will to tackle these issues. But Biden’s executive order and the discussion of issues like digital authoritarianism at the Summit for Democracy also give Schaake hope that progress can be made.
 
“The bad news is we're not there yet. The good news is there's a lot of momentum for positive change and improvement, and I feel like people are beginning to understand how much it is needed.”
 
And for anyone ready to jump into the fray and make an impact, Schaake adds a standing invitation: “I’m always happy to grab a coffee and chat. Let’s talk!”

The complete recording of "Countering the Misuse of Technology and the Rise of Digital Authoritarianism," the panel Marietje Schaake moderated at the 2023 Summit for Democracy, is available below.

Click the link for a transcript of “Spies, Lies and Algorithms with Amy Zegart."

The Origins of Spies, Lies and Algorithms

When I was a professor at UCLA, I was teaching an intelligence class. On a lark, I did a survey of my students and I asked them about their spy-themed entertainment viewing habits, as well as their attitudes towards certain intelligence topics like interrogation techniques.

What I found was there was a statistically significant correlation between their spy-themed viewing habits; people who watch the show 24 all the time were far more pro-waterboarding, among other things, than students who didn't watch spy-themed entertainment.

This got me really thinking, what do people know about espionage? Where do they get this information? And what I found is that most Americans don't know anything about the intelligence community, and when you're talking about spy agencies in a democracy, that's really problematic.

The original book was going to be more of a textbook for the class I was teaching, but as I write it, so many things started to change in the intelligence community, both politically and technologically. So with that in mind, I tried to make it forward looking to where intelligence needs to go, not just backward to where it’s been.

Who are the Spies?
 

The biggest surprise for me came from the research I did on open-source intelligence and nuclear threats. If ever there was an area you would think spy agencies would have cornered the market on intelligence, it would be nuclear threats.

But what I found is that there's a whole ecosystem of non-governmental people tracking nuclear threats around the world and actually uncovering really important things. That includes some open-source nuclear sleuths here at Stanford among my colleagues at CISAC.

The more I dug into this, the more I realized that open-source intelligence and publicly available data is the ballgame in the future of intelligence. Secrets still matter; but they matter a whole lot less than they did even ten years ago.

There is so much insight that we can glean from open-source information, but the intelligence community has to figure out better ways to connect with organizations and people who are in this ecosystem.

What are the Lies?

Intelligence is about deception. We don't want our enemies to understand all of our military capabilities, for example, or what our intentions are.

But I think the technology and data revolutions of the last few decades has also changed the nature of deception. It’s gone from elites deceiving elites about where their troops are, and whether they're going to attack, to mass audience deception and this disinformation-information warfare of domestic audiences like we're experiencing here in the United States.

Understanding deception, not in a pejorative sense but as an analytic frame, is critically  important to being able to gather and analyze intelligence correctly.

The Power of Algorithms in Intelligence

We're drowning in data. The amount of data on Earth is estimated to double every two years. Think about that for a minute. It's just an astounding amount of data. And it's too much for any human to deal with.

So, if intelligence is in the business of collecting or finding needles in haystacks, the haystacks are growing exponentially. The intelligence community has to use artificial intelligence and other tools to augment human analysts. AI frees up analysts to then ask questions about things like intent, which humans can figure out much better than machines.

Imagine an algorithmic red team: you have humans that are developing assessments of what is Putin going to do in Ukraine, and you've got a red team that's just algorithms aggregating data, so that you have a sort of competitive analysis between humans and machines that can make the humans better. Those are the kinds of things that intelligence agencies need to be doing much more with AI.

In a multipolar international system during the era of technology disruption, international security continues to be fragile. Whether overtly or covertly, ambitious states have been competing to obtain a comparative advantage over the one-another, such as China and the United States. While governments rely on national technical means (NTM) on tracking other states’ actions, the implications of this competition would ultimately fall on the general population. The ubiquitous nature of international security has inspired many academic experts, private organizations, and corporations to develop open-source intelligence (OSINT) analysis with the purpose of improving transparency and expanding NTM capacities. Of the most prominent OSINT fields is geospatial intelligence and imagery analysis, which has come a long way through increased cooperation with commercial data providers, particularly satellite companies.

Over the last decade, the quality of imagery collection has increased in both spatial and temporal resolution. While the former allows for the discerning of smaller objects captured on the surface of Earth and positive identification of them, the latter allows for monitoring of sites on a daily, weekly, or monthly basis. Therefore, both are required for a comprehensive analysis of the site of interest and proper academic practice.

Over the summer, I worked with Allison Puccioni, a career imagery analyst and a consultant at BlackSky, who provided me an opportunity to cooperate with BlackSky and Planet, two of the leading commercial satellite companies on the salient issue of the proliferation of weapons of mass destruction (WMD). An article from The Drive released on July 14, 202, sparked interest in a remote facility in Xinjiang, China just south of Bosten Lake.The functionality of the facility is still disputed, but the structural features suggest that it may be a directed-energy weapons (DEW) development facility. As no previous research on this facility had been conducted, we decided to conduct a comprehensive analysis together with Allison and Katharine Leede, a senior majoring in Political Science and part of the CISAC Undergraduate Honors Program.

This analysis required the acquisition of extensive imagery of the site, which was available only at BlackSky through their global monitoring program. BlackSky was more than willing to share the imagery with us in an effort to establish academic-private sector cooperation. The data consisted of 400 images of the site spanning from mid-2019 to August 2021. To manage this large amount of data, we went through every single image, noting any key features and tracking them over time. The image below depicts an aerial view of the Bosten Lake Facility, which is characterized by the presence of large hangars with retractable roofs. The imagery is also of high temporal resolution, up to 10 images a day in some cases. This frequency allows us to create a pattern-of-life where we identified the times and days of the week the hangars would be open. Assuming that the current hypothesis is that this facility is a DEW testing site, we can infer that the tests were conducted when the hangars were open. However, further analysis is required to confirm this statement. After compiling the pattern-of-life analysis, we needed to identify the objects inside the hangars in order to confirm our hypothesis.

While BlackSky imagery has an unmatched temporal resolution, it comes at the cost of spatial resolution. Therefore, we identified key images in which activity at the site was at its highest and requested those images from Planet. Planet’s SkySat satellite constellation has a resolution of 0.5 meters, allowing one to identify small objects in the image. This technique we used is generally referred to in the intelligence community as Low-to-High Resolution Tipping and Cueing. This is the process of monitoring an area or an object of interest by a sensor and requesting “tipping” another complementary sensor platform to acquire “cueing” an image over the same area.

This project has also attracted interest from major defense-related media outlets, most notably Janes Intelligence Review (JIR). Upon completion, this project will result in a published article in JIR and is scheduled for the December 2021 edition. Additionally, the project received attention from the Defense Innovation Unit in the U.S. Department of Defense, whose representatives expressed interest in establishing cooperation for future projects.

This internship provided  me an opportunity to be one of the first people to analyze an emerging case study such as the Bosten Lake Facility in China and learn how to work with commercial satellite companies. As a military officer in the Kosovar Army, I will have to deal with public-private partnerships, and the connections I have made together with the communication and networking skills I acquired will contribute to a more successful career. Additionally, geospatial intelligence analysis will be included in my job description as an intelligence officer, thus having had the chance to practice the necessary skills in both an academic and corporate setting will greatly aid me in the future.

Finally, the UNDPPA internship also allowed me to be part of the pioneering team for an environmental security project in the Democratic People’s Republic of Korea (DPRK). The project was initiated as a result of negotiations between the UNDPPA and DPRK, and environmental security became the only area of mutual interest that will further facilitate cooperation from the DPRK government. As the framework for this project was only developed this summer, it is still an ongoing process requiring coordination between policymakers, diplomats, DPRK representatives, and the engineering team who realizes the requirements put forward into a platform similar to the Iraq Water Security Project. As I have had the opportunity to be present during the creation of this project, I will be looking forward to contributing to its development and seeing the result.

When President Biden announced in the spring that America would withdraw its troops from Afghanistan by the fall, he spoke of terrorism threats — but never mentioned Islamic State Khorasan, or ISIS-K, the Islamic State’s affiliate in Afghanistan. In threat assessments about Afghanistan as late as April, the director of national intelligence, Avril Haines, barely brought up ISIS-K. On Aug. 20 Mr. Biden mentioned the group, in a speech on the last-minute effort to evacuate stranded U.S. citizens and vulnerable Afghans after the Taliban had overrun Afghanistan.

Read the rest at The New York Times