Life in Cyberspace

Whenever technology interfaces with a base human tendency, the result is amplification and acceleration.

Let me ask a question, one that has been fiercely debated: is cyberspace an actual place? My answer is unequivocal: yes. You may be accessing it from a familiar environment, like the comfort of your home or office, but as soon as you go online, you travel to a different location in terms of awareness, emotions, responses, and behaviour. Your reactions will vary depending on age, physical and mental development, and personality traits.

People behave differently when they are interacting with technology, compared to interacting face-to-face with the real world: Whenever technology interfaces with a base human tendency, the result is amplification and acceleration. We have all experienced technology-mediated adverse psychological effects, from smartphone addictive-type behaviours to being subjected to social technology “weapons of mass distraction” that hijack our attention. And then harvest, profile, micro-target, monetise and subliminally manipulate us online.

The technology of cyberspace was designed to be rewarding, engaging and seductive for the general population. What we failed as a society to foresee was how it would impact deviant, criminal and vulnerable populations, and how this in turn could affect society. Traditionally, members of extreme or marginalised groups found each other with difficulty. Meetings were limited by the laws of probability and proximity. Now, this probability has changed due to a cyber effect that I describe as online syndication ^[2] — the mathematics of behaviour in the digital age — that has changed, not just for sex offenders and proponents of hate speech, racism, and misogyny, but also for cybercriminals, extremists, and young people with self-harm disorders. My prediction is that this form of hyper connectivity will lead to more incidences of abuse and criminal behaviour in cyberspace and in the real world.

As a cyber behavioural scientist, my job is to provide insight at the intersection between humans and technology, or as some say - where humans and technology collide. Over time we have developed protective strategies when it comes to physical crime and white-collar crime, but we urgently need to address cyber-facilitated and cyber-enabled crime. Cybersecurity efforts to date have mainly focused on attacks on critical infrastructure. However, the rise of the Internet of Things (IoT), and soon a predicted trillion connected devices, means that in the near future we will be facing attacks not just on critical infrastructure, but on all infrastructure. Hacking and cybercriminal activity is now ubiquitous, perpetrators are engaging in complex global offenses targeting both individuals and businesses. While delivering on connectivity, Internet of Things increases the threats – therefore we need to develop cyber situational awareness, and step up security in cyber contexts.

So how do we do this?

I contributed to the recent ARM ^[3] IoT Security Manifesto ^[4] initiative and my observations were that security is not always built into devices and systems by default; this is compounded by too many assumptions from users regarding their security which generates a false sense of protection – fake safety. Many cyberattacks work because of a lack of digital hygiene, a lack of security by design and importantly a lack of user awareness. Paradoxically, younger generations of users are more digitally savy, but can be even more complacent about cybersecurity. As academic experts, designers, developers and engineers, we need to care more about the consumer. We need a human-centred approach that is mindful of how humans actually use connected "things", and not how the tech sector presumes or expects them to.

Cybercrime has also a significant economic impact. The 2018 No Slowing Down ^[5] report from McAfee and the Center for Strategic and International Studies estimated that cybercrime now costs businesses close to $600 billion, or 0.8 percent of global GDP. According to Steve Grobman, Chief Technology Officer for McAfee “the digital world has transformed almost every aspect of our lives, including risk and crime, so that crime is more efficient, less risky, more profitable and has never been easier to execute." So-called Darknet markets, the unscrupulous bad neighbourhoods of the Internet that are not indexed by standard search engines, are facilitating cybercriminal activity, from ransomware attacks, to identity theft and cyber fraud. However, the cost of what goes wrong in cyberspace is not just financial. We are also paying a high price in human terms, with the evolution of trolling, and online bullying, the rise in sleep interruption and deprivation, the surge in anxiety and depression in young people associated with technology use, the widespread commercialisation of human data, and the gamification of electoral processes, evidenced by the manipulation of constituents’ behaviours online. ^[6]

What can we do about this?

Can experts illuminate this intersection between humans and technology, where humans and technology collide? Can they predict evolutions, identify problems, brainstorm answers, create solutions, and offer advice on cyberspace?

We need accessible funding for “rapid research” initiatives, and we urgently need to broaden scientific investigation.

The scientific study of cyberspace began in the early 1990s. Researchers attempted to analyse and predict human behaviour mediated by technology, but these attempts were only partially successful. Very often findings concerning specific types of behaviours could not be described and explained by traditional psychological theory when applied in technology-mediated environments. Now, as we delve even deeper into cyberspace, difficulties with some fundamentals of psychology are becoming increasingly apparent.

Traditional research funding models may not suffice either and arguably the three-to five-year research cycle is becoming increasingly redundant. It is likely, if not probable, that rapid technological developments will overtake the phenomenon under study before it is completed and findings are published. We need accessible funding for “rapid research” initiatives, and we urgently need to broaden scientific investigation. Governments, policymakers, stakeholders along with academics from a wide range of disciplines who embrace cyberpsychology ^[7] will undoubtedly contribute to crystallising new ideas and perhaps to understanding and conquering this new scientific frontier.

One of the earliest discoveries in the field of environmental psychology came from Roger Barker’s work in ecological psychology. His field observations in Oskaloosa, Kansas, in the 1940s expanded into the theory that social settings influence behaviour. He developed the concept of the “behaviour setting” to help explain the relationship between the individual and the immediate environment, and how a setting affects its inhabitants. In 1987, the environmental psychologist Harold Proshansky ^[8] discussed how the field was “value-oriented” due to environmental psychology’s commitment to bettering society through problem identification. This is a valuable observation when it comes to cyber society.

Proshansky, however, only considered environment as a real-world construct. Understandably, his research at the time did not extend into cyberspace. Cyberpsychologists, however, do consider psychological aspects of environments created by computers and online networks. Professor John Suler, the father of cyberpsychology, provided in his groundbreaking work The Psychology of Cyberspace an evolving framework for understanding how people react to and behave in cyberspace. The experience created by computers and computer networks should in many ways be understood as a psychological “space”. When users power up their computers, launch a program or app, write e-mail, or log on to a social technology platform, they feel either consciously or subconsciously that they are entering a “place” or “space.” In terms of considering cyberspace from a classic environmental psychology perspective, many users who have connected to a remote computer and explored the Internet or navigated the murky depths of the deep web describe the experience in terms of travel or “going someplace”. These and other spatial situational metaphors, such as “worlds”, “domains”, “forums” or “rooms”, are commonly used online and support a construct of environment. The literature on human cognition argues that we use place and space-based metaphors for the Internet because our cognitive makeup dictates that we must – in other words, humans are embodied, situated beings, who reason spatially.

The three layers of Cyberspace

However, we are not alone – the military also reasons spatially. The most significant official recognition of cyberspace occurred in 2016 when NATO acknowledged it as a new frontier in defence ^[9] – formally recognising that modern battles are waged not only by air, sea and land, but also on computer networks. In fact, a military definition of cyberspace has existed for some time, i.e.:

All Internet users are not equal: some are more vulnerable than others and few special allowances have been made for children online. However, they deserve particular attention.

While Licklider believed that humans and technology could collaborate in a mutually sustaining manner, Carson was less optimistic. Her central proposal was that, at times, “technological progress is so fundamentally at odds with natural processes that it must be curtailed”. ^[17] I believe this assertion resonates today. Is contemporary technological progress now at odds with humankind? My real concern is the impact of technology on the developing child, particularly those who are growing up with cyberspace. The Internet was designed as a democratic environment in which all users are treated and regarded equal. However, all Internet users are not equal: Some are more vulnerable than others and few special allowances have been made for children online. However, they deserve particular attention. We are living through the largest unregulated social experiment of all time – a generation of youth have been exposed to the best and worst aspects of this new technological environment.

In May 2018 Europe introduced the General Data Protection Regulation (GDPR), which significantly changed data protection law in Europe, strengthening the rights of individuals and increasing the obligations on organisations in cyber contexts. One of the most important aspects of GDPR is the protection of children. Article 8 of the GDPR addresses the “Digital Age of Consent” – that is, the age at which children have the power to let a social media company gather their personal data and profile them. The GDPR sets this age at 16 years by default, but allowed Member States to reduce this to 13. In Ireland, my fellow campaigners and I believed that there were considerable risks associated with enabling children to use social media services that process their personal data for marketing/targeting /commercial gain. We are convinced that it is critical to protect children from complex algorithmic profiling that they do not understand and which most adults don’t understand either. We must be extra careful with young teenagers, who are at a phase of development during which they are vulnerable to influence and manipulation. For this reason, we campaigned to keep parents involved in the lives of young people online, just as they are engaged in the real world. On the legislative front, we were successful. The Digital Age of Consent in Ireland is now 16. This is important in geographical terms, as many social technology companies have headquarters in my hometown of Dublin.

Billions of us now use the technologies of cyberspace unthinkingly, in the same way we breathe air and drink water. It is an integral part of our developmental, social, professional, and personal lives.

And we need to talk about cyberspace — we urgently need new ideas. We need to find answers and solutions. I am convinced that we can conceptualise technology solutions for technology-facilitated problematic behaviours. Until now, most academics have been looking at the cyber environment through the myopic lens of their individual disciplines. We must take a holistic, gestalt-like overview to improve our understanding. As the network scientists say, it’s all about sense-making. We need to make sense of what’s happening.

The best approach is transdisciplinary. We need expert input from a wide array of disciplines to illuminate the problems and devise the best solutions. We need to stop expecting individuals to manage cyber issues for themselves or their families. Science, industry, governments, communities, and families need to come together to create a roadmap for cyber society.

However, some will object.

If we think about cyberspace as a continuum, on one side we have idealists, keyboard warriors, early adopters, and philosophers who feel passionately about the freedom of the Internet and the independence of cyberspace, and don’t want that weighed down with regulation and governance. On the other end of the continuum, we have the tech industry with a pragmatic vision of freedom of the Net that is driven by a desire for profit and concerns that governance and restrictions will impact the bottom line. These two very different groups are somehow strategically aligned in cyberspace, and holding firm. The rest of us and our children — the 99.9 percent — live somewhere along the continuum, in the middle, between these vested interests. Billions of us now use the technologies of cyberspace unthinkingly, in the same way we breathe air and drink water. It is an integral part of our developmental, social, professional, and personal lives. We depend on it for our livelihoods and lifestyle, for our utilities, opportunities, networking, even our educations. However, at the same time, we have little or no say about this new frontier, where we are all living and spending so much of our lives. Most of our energy and focus has been to simply keep up with a cyber learning curve that gets steeper every year. As we know from environmental psychology, when you move to a new location, it takes time to adapt and settle in. Before we get too settled, let’s make sure this is what we want and where we want to be.

Cyber effects can tap into our developmental or psychological Achilles’ heel: while making us feel invincible, these effects can diminish us, and distract us from things in life that are much more important, more vital to happiness, and more crucial to our survival. Let’s debate more, and demand more.

We need new standards and new frameworks for our concerns. The clean-up measures are time-sensitive and need to begin soon.

Who is responsible when extreme content disastrously spills online – especially by means of technologies that are used by children and young people? Who is to blame: the individuals who commit the extreme acts, those who share the images and videos, the anti-social technologies that spread them further, or all of these? As a society, we need to decide who is responsible. Does the fault lie with service providers, software companies, the leadership behind them? Moreover, what is the responsibility of social technology platforms?  What is our collective position regarding “content pollution” of cyberspace?

Here’s an idea. The environmental movement’s “precautionary principle” places the onus on industry to protect the real-world environment. This could also be a principle in cyberspace. Just as oil companies have been forced  — by the media, government, social and environmental activists — to clean up damages, leaks, and pollution related to their products, cyberspace enterprises need to be responsible for spills and effects regarding humanity. We need new standards and new frameworks for our concerns. The clean-up measures are time-sensitive and need to begin soon. Also, let’s use machine intelligence solutions to do the dirty work, not young content moderators from developing countries who are employed as human filters to clean up the worst excesses of the Net, and are traumatised while doing so. At an EU policy summit in Brussels earlier this month I argued that the words "content moderator" would in time be considered as a human rights issue, along with human trafficking and forced child labour. Let’s not forget that a social technology moderator is also somebody’s child.

On the cyber frontier, we need thought leaders who are prepared to nail their colours to the mast and back their informed instincts. Of course, we need evidence-based studies over time, but how long can we wait? Babies are being born, kids are growing up in the cyberworld, and lives are being changed. Society is being reshaped. We urgently need to reconsider how we handle behavioural problems in this new environment that are evolving at the speed of technology. I don’t believe scientific breakthroughs are achieved by sitting on the fence. We need cyber leadership, and we desperately need “academic first responders”.

We are living in a unique period of human history, an intense period of flux, change, and disruption that may never be repeated. This moment in time is not unlike the Enlightenment of the 17th and 18th centuries, when there were significant shifts in awareness, knowledge, and technology, accompanied by great societal changes. Some changes have been seductive and incremental, have caused psychological norms to creep into new places, while others have been sudden and alarming. We need to start thinking and talking about the profound and pervasive impact of the technological environment of cyberspace on the individual and on society.

What is new is not always good. Technology only brings progress when we are able as a society to mitigate its most harmful effects.