A lot of sensitive information is vulnerable to hacking — financial data, biometric information, personal passwords. And, beyond the impact that breaches around such data can have on hundreds of thousands of people at a time, there’s a greater risk: hacking has the potential to threaten an entire democracy with a few keystrokes. This threat seems to be a crucial and pressing issue that many governments should be rushing to address — in part, by encouraging and empowering hackers.
At first glance, empowering hacking might seem like a radical idea. After all, hackers are often portrayed in media and popular culture as the “internet bad guy” in a basement, endlessly typing code with nefarious intent. However, this image doesn’t really convey the origins of the word, or the value that exists in the identity or role of a hacker.
The word hacker has come to be stigmatized and criminalized, but historically, it referred to someone who was technologically curious — someone who not only took the time to understand (and take apart) technology but also someone who used technical knowledge to solve or overcome problems. Frankly, such a skill set is incredibly valuable in a society saturated with technology. Being able to understand technology affords someone a particular power or literacy that others do not possess. Regrettably, even in a contemporary, technologically driven democracy, few citizens know much about how technology works or how technology influences and governs their lives.
Citizens as Hackers
What if people pushed past the stereotypical definition of what it means to be a hacker and embraced the original definition? What if we recognized that in the digital era, citizens — or some citizens — have to be hackers in order for society as a whole to be more informed?
In a democracy, citizens are supposed to have responsibilities in tandem with rights. That said, a technology-driven society pushes the boundaries of that statement — how responsible can citizens actually be when they don’t understand the platform, software or service? Hackers, on the other hand, are much better positioned to be responsible, given their basic comprehension of the technology systems in place and the potential threats to those systems.
Perhaps this is why the concept of a hacker has come to be so closely associated with security — technology companies notoriously sell and ship technology that has not been properly tested and is rife with holes, bugs and flaws. These threats leave systems and their users vulnerable; often, only hackers are able to take responsibility to find these flaws and fix them.
Hackers for Hire
Fixing flaws and securing systems is a big reason why governments around the world not only hire hackers but often compete to hire the best and brightest (which may not be an easy task, given how many hackers tend to distrust governments). This hacking work might mean actual employment, via intelligence and security agencies, or come in the form of “bug bounties.”
Bug bounties are programs or contests in which government agencies pay hackers to find and report flaws, bugs, exploits or vulnerabilities. The US government is one of the largest to employ such initiatives; the Canadian government has been criticized for not doing so.
The Canadian government does employ a range of hackers across several departments, with perhaps most of them concentrated in the Communications Security Establishment, the federal agency empowered to “protect the computer networks and information of greatest importance to Canada.”
Yet, as society continues to embrace digital technology, the need for hackers — that is, people who can understand, and thereby secure, technology — becomes increasingly important. For example, the Canadian Forces sought to hire hackers to help keep newly computerized vehicles safe from online attacks.
Outside of the more traditional means of employing or engaging with hackers, a murky market of mercenaries, exploits and code designed to take advantage of vulnerabilities exists as well. The legality of these markets and of government involvement in them are hotly debated.
Today, governments still regard hacking with a narrow view of computer security. And, maybe due in part to our fear of the unknown, darker sides of the digital world, hackers are considered an elite, if potentially criminal, group, rather than merely responsible, tech-savvy citizens.
Changing this view requires a high level of digital literacy, and in Canada, digital literacy initiatives are of relatively low priority and met with low expectations.
Specifically, these programs are designed to address the digital divide. On the one hand, the digital divide acknowledges that not all Canadians have the skills to effectively employ digital technologies. On the other hand, the digital divide acknowledges the polarizing effects of digital technology and that those with high literacy levels are benefiting more than those without.
In February of this year, the federal government announced the Digital Literacy Exchange Program, which featured $29.5 million in funding over the next four years for non-profit groups that teach fundamental digital literacy skills.
While this is a necessary and important program, it falls far short from what is needed. The literacy programs are basic and narrow and do not make it easy for people to acquire literacies above and beyond what is considered foundational.
In theory, government-funded digital literacy programs should produce a greater number of hackers, and upgrade the notion of citizenship to include advanced digital literacies. In reality, a thin spread of financial support across non-profit organizations won’t achieve this goal.
A Hacker Society Isn’t a Bad Thing
Arguably, a democratic society in the digital age needs more hackers — in every city, and within diverse communities. A population teeming with curious, intelligent, tech-savvy citizens can be beneficial. People would better understand the tools they’re engaging with, and this could foster accountability among the corporate and government entities behind technology.
For example, the lack of trust in the integrity of digital systems is the primary reason why Canadians — and citizens in most advanced economies — do not yet vote online. People rightly perceive that they can easily be compromised or manipulated. However, what if citizens could audit and verify such systems? What if people cultivated and shared the literacy necessary to properly understand and secure their technology? Technology — and in this case, the electoral system — could take a very different shape.
Literacy and the ability to audit are also important on a personal level — smartphones, routers, computers and the like play essential roles in our lives. Depending upon such systems without being able to understand and secure them is a gamble that society has — perhaps irresponsibly — accepted. On a societal level, an understanding of technology is even more critical. At municipal, provincial, federal and global levels, people depend upon critical (and often networked) infrastructure and government-run databases. These systems are safeguarded by a distant, faceless power that citizens cannot interact with.
The result? Hacks, data leaks and outages. And with each security breach or technology failure, the trust in government, politicians and systems diminishes a little more. People begin to assume corruption and assume the system is unethically hacked.
A New Notion of Citizenship for the Digital Era
The responsibility for this crisis should be shared. Of course, governments need to step up with funding, policies and nation-wide priorities. But citizens, too, must take responsibility. It’s imperative that citizens develop an improved understanding of technology as it becomes the platform for day-to-day life, in activities ranging from entertainment to finance to participation in democracy.
Achieving this literacy would be no small feat — convenience is king in a consumer culture, and frankly, upgrading one’s technology literacy isn’t convenient. A joint effort by government, policy makers, non-profits, the private sector and educators alike would be required to shift the very notion of the citizen.
Our current conception of a citizen is derived from the era of the printed page, when the idea was that as long as the citizen could read said printed page, that citizen was informed. That idea aided in the development of a strong and healthy democracy and worked well for a while. Now, this concept needs to be updated, to better reflect the digital world. The hacker’s role — in its best sense — offers a rough template for a more responsible model of citizenship.