Many want the law to keep pace with technology, but what's taking so long? A simple search online and you'll find a multitude of reasons why the law is slow to catch up with technology - lawyers are risk averse, the legal world is intentionally slow and also late adopters of technology. Can this all be true? Or simply heresy? I wanted to hear from an expert who has experience in the private and public sector. That's why I sought out the expertise of Camille Stewart, a cyber and technology attorney. In part one of our interview, we talk about the tension between law and tech. And as it turns out, laws are built in the same way a lot of technologies are built: in the form of a framework.
Many want the law to keep pace with technology, but what's taking so long?
A simple search online and you'll find a multitude of reasons why the law is slow to catch up with technology - lawyers are risk averse, the legal world is intentionally slow and also late adopters of technology. Can this all be true? Or simply heresy?
I wanted to hear from an expert who has experience in the private and public sector. That's why I sought out the expertise of Camille Stewart, a cyber and technology attorney.
In part one of our interview, we talk about the tension between law and tech. And as it turns out, laws are built in the same way a lot of technologies are built: in the form of a framework. That way, it leaves room and flexibility so that technology can continue to evolve.
Tech people, they want law to catch up with technology. Lawyers wished tech people would understand the law a little bit more. And some have even criticized that the law doesn't move as quickly as technology, and you have a lot of experience both as a cybersecurity attorney in Washington and in the private sector.
And I'm wondering if there's a deeper divide between the two entities, and I'm wondering if you can share your experience with us in working with lawmakers as well as your experience in the private sector.
You want the law to leave room and flexibility so that technology can continue to evolve. And so that's kind of what has to happen. It's frustrating that there are no legal recourses when an issue comes up, but you almost have to test those boundaries to figure out a framework to fit your bill to address issues that are coming.
So even the laws that we do build tend to be framework because we need to leave room for that innovation and ideation. And part of the tension between technology communities and lawyers and technology communities and the general public or the government is trust. So technologists don't trust the government with the information that they have, and the government wants to build that trust desperately so that we can leverage the resources that are at the disposal of both.
You know, the government has a lot of insight and intelligence that they can layer over the tools and capabilities in the private sector, and if they came together, it's great, but there's this base level of trust and understanding of what each is trying to do that if we could bridge that gap, so much more could be done.
Organizations like DHS that work with the private sector quite a bit are trying to build those bridges and find ways to share information in a way that's valuable to both the private sector and the government through things like AIS, the Automated Indicator Sharing system. And it's gonna be a slow process.
Those trusts are bolted tight.
Private sector has coalesced together to build trust circles with their peers and people that they know doing work that they understand, and they're sharing information that way. And those mechanisms have become pretty robust and helpful, but the government has to be able to be a part of that for us to really complete the picture, and that's the work that's being done, some through non-profit organizations, NGOs, but also through the government and the private sector starting to get into a room.
And then, as people move back and forth across lines, right, traditionally people were govies for life, or they were in the private sector. Now there's more movement back and forth, and that'll help build the trust as well.
And then technologists, on the other hand, need to be willing to have those conversations and those explanations and understand that lawyering of the past, there was the perception that lawyers were just gonna say no. Right? They're risk averse, they aren't gonna let you ideate and innovate, they're just gonna shut it down. And that's not really true.
My job as a lawyer and the jobs of lawyers at companies today, especially if they deal with technology and cyber issues, is to lay out the risk, understand the organization’s risk calculus, and to put the information in front of leadership so that they can make an informed decision and then help to build a cast-forward that calculates those risks, that mitigates those risks to the best of their ability and be ready to support the company in what they've done.
So, with that base level understanding and the willingness to do the work to understand, lawyers can be great assets to technologists because they can be translators, different communities, as well as the company builds out and understands what the risk posture is. It's important to have all key stakeholders as part of that discussion, and lawyers are definitely part of that group.
And had you accounted for more perspective on the front end in a proactive way, it would have mitigated some of the risk on the back end or you would have been able to right yourself more quickly.
And so I think watching that occur has started a number of organizations and built a number of frameworks to help organizations get the right people in the room and encourage people to do the work to figure out where different players fall in the conversations that they're having as an organization about how the security is evolving and how technology will be used and integrated in the organization. But I think that outside factors in this area of law and cyberspace evolving has done a lot of the work to encourage the collaboration that's needed.