Abstract
Digital data has been identified as an asset with market value, which has the capacity to redefine existing assemblages of economic and security governance. This article argues that rather than merely being an asset, digital data takes on the qualities of a currency that only exists in relationships of exchange. Digital data establishes multiple relationships to value as it can be accumulated and subjected to different forms of calculations. The article develops this argument on a theoretical and an empirical level by analyzing official risk-narratives of hacking in India and the US. In both discourses data is understood to be a medium of exchange that establishes many relationships of value as it is disrupted and steered through hacking practices.
Key words:
digital data, value, currency, risk, hacking, India, US
Essay
Introduction
I dream of Digital India where cyber security becomes integral part of national security […] I dream of a digital India where High-speed Digital Highways unite the Nation, 1.2 billion connected Indians drive innovation. Indian Prime Minister Modi, The Economic Times,2015
[E]very day we see waves of cyber thieves trolling for sensitive information — the disgruntled employee on the inside, the lone hacker a thousand miles away, organized crime, the industrial spy and, increasingly, foreign intelligence services. […] In short, America’s economic prosperity in the 21st century will depend on cybersecurity. The White House, 2009
India and the US experience the rise in the prominence of digital data in very different ways. Both countries’ governmental leaders speak about the way in which access to digital data contributes to the creation of value. As the above quotes suggest, this access is linked to opportunities for growth, but also precariousness and potential for loss. The 2016 presidential elections in the US underlined the relationship between value and digital data in yet a different way. Hacks became a central theme during the election campaigns as emails were disclosed with the intention of interfering with the election process (DHS 2016). Together with the Cambridge Analytica scandal (The Guardian 2018), when data from Facebook profiles were harvested without consent and used to influence elections, this led to a debate about the value of digital data. This article discusses the relationship between digital data and value by analysing the statements national actors in India and the US make about the value of digital data in their official risk assessments of hacking. Naturally, the national discourses on digital data or hacking are much broader and include a wider range of speakers, but the selected sources illustrate the article’s argument about how data and value relate to each other in many ways.
Academic discussions about the relationship between digital data and value have become more prominent within the past decade. Some scholars have reasoned that digital data creates economic value as it influences economic processes (Thompson 2004; Thrift 2006; Hansen and Nissenbaum 2009; Karppi and Crawford 2015). Others suggested that digital data translate directly into monetary assets since it has become a form of capital in commerce and marketing (cf. Fuchs 2010; Arvidsson and Colleoni 2012)—a view that received international attention with The Economist‘s commentary on data as the “new oil” (2017; cf. scholarly contribution by Puschmann and Burgess 2014). This article develops the argument that digital data entertain many different relationships to value. This is possible due to some of its main characteristics, namely that digital data are amongst other things numeric, countable, computable, material, storable, searchable, as transferable, networkable and traceable (Kaufmann and Jeandesboz 2016). As such, data—even if it always created, collected and imagined in specific contexts—can be subjected to ever-new purposes. Or, as Andrejevic and Gates put it (2014: 189): its “function is the creep.” Once digital data are harvested, they can be cleaned and selected to identify many different kinds of patterns—each of which may be used for a different purpose (Kaufmann et al. 2018). That data are valued in many different ways does not only become evident from the different official statements about hacking studied in this article, but the word data itself already points to this key affordance of digital data. Data are plural, which means that it is in relation to something else that they establish themselves as data. Floridi argues further that only in combination with meaning, data become information, where a datum consists of “x being different from y, where the x and the y are two uninterpreted variables and the domain is left open to further interpretation” (Floridi 2011: 85). That means whoever works with digital data and interprets them defines the informative value that they carry. As a result of that, digital data have an influence on what can be ‘made count’ (cf. Anderson and Fienberg 1999) for governance at large—not just within the commercial field. The article shows how official risk narratives on hacking in India and the US stand as an example for the combination of different data valorisations. These valorisations become visible in the discussions about potential data loss or the interruption of its exchange through hacking, because it leads to an interruption of data analysis and thus a loss in the creation of value. At the same time, official hacking narratives also speak about the opportunities of value creation as it can foster data flow.
Hacking is a movement and a formalised profession and can fulfil many different functions. Computer hackers are likely to be skilled programmers, hardware builders, and system-administrators (Coleman, 2011: 512)—some of which use their skills for ethical hacks, such as hacks in the public interest (Coleman 2017). At the same time, hacking is often discussed as one of the main risks to digitised societies. Hackers, so the respective governmental narratives suggest, conduct practices that lead to the loss of digital data, which are considered valuable to a wide range of societal services and functions. It should thus be clear that the article focuses on a particular subset of hacking discourses, namely how governmental discourses in India and the US communicate the fear of data loss through hacking and the value that ethical hacking creates. This article does not seek to argue for a particular understanding of hacking, neither does it seek to contribute to a misleading polarized understanding of hackers as either criminals or activists (for a critique on this polarization s. Kaufmann, forthcoming). Rather, it analyses these governmental discourses to illustrate how—in a political sphere—digital data and value relate to each other. Despite their different stages in the process of digitization, both governmental discourses are expressive of a relationship between digital data and value that pertains to the need for data to be exchanged and to be accumulated in order to uphold or develop specific societal and governmental functions. In the following, the paper will first develop this argument on a theoretical basis and then turn to its illustration and substantiation by drawing on the two empirical studies of the governmental risk discourses on hacking in India and the US. The article then returns to a reflection about how digital data take part in the creation of value in societies that consider the access to digital information an important component of the social fabric.
Theorizing the Relationship Between Digital Data and Value
More and more scholars demand for a critical approach to the value of digital data (boyd and Crawford 2012; Iliadis and Russo 2016). Hoffmann, for example, argues that uncritical claims to the value of big datasets “ultimately occlude the legal and economic structures, material conditions, and conceptual assumptions that make the capture and exploitation of digital data possible in the first place” (Hoffmann 2017: 209). Most critical approaches in this field, then, explore how digital data are “constituted by codes of commerce […] and government” (Lyon 2013: 100) and how usage of large datasets—big data—in turn redefines existing assemblages of economic and security governance (cf. Thrift 2005, 2006; Lash 2005; Godin 2008; Pardo-Guerra 2013; Savage 2013; Kitchin 2014). Marxist-inspired debates, in particular, argue that value is directly related to the labour time of digital prosumers, who produce contents vital to the services offered by ICT companies, but are not paid for their effort (Fuchs 2010). Similarly, Rigi and Prey (2015: 403) draw attention to the way in which value is generated by prosumers who are “productive of commons that is used to extract rent from advertisers.” While such theorizations of digital data and value are helpful pointers, most accounts presented above still take the relationship between the two as a given. Even in the critical discussions on surplus value, digital data has, if at all, been identified as a good, a commodity, the production and use of which redefines what counts as societal and economic value (Thrift 2006: 302). Digital data can be used to generate money and profits, which is also why its exchange is increasingly securitized (Hansen and Nissenbaum 2009).
This article problematizes the idea of taking the value of data as a given (cf. Hofmann 2017). It follows Andrejevic (2015), who widens this narrow understanding of data and value and points to the use of big data to take decisions, shape agendas and goals. Digital data, he argues, are not just an “asset with market value that can be bought and sold” (ibid. 9), but the way in which they are mined for patterns affect the live decisions of their prosumers (Andrejevic 2009; 2015). Moreover, this article emphasizes that the value of digital data is dependent on the context in which they are produced, collected and analysed: with each new context, a new valorisation of data arises. Thus, instead of reducing data to an “asset class” (Andrejevic 2015: 8) that leads to opportunities to make money, the article observes that digital data rather seem to take on the qualities of money. Data act like a currency, the exchange of which is facilitated, interrupted or steered by different entities; they can be collected and used to calculate with. Through these processes digital data are used to create ever-new values. Like money, digital data enable their own form of trade and economic, including political and social opportunities when they are put to use as means of exchange between service providers and users. When Gilbert (2005: 361) describes money as “a symbolic referent, a social system, and a material practice”, one could argue that, similarly, digital data are a symbolic referent, because they can have different values assigned to it, they are also a socio-technical system of exchange, and a material practice of calculation and analysis. This needs further explanation.
The theoretical vantage point for this paper is to follow new materialist perspectives that acknowledge the formative power of digital data. Rather than understanding digital data as abstract (Paul 2009: 19), material approaches focus on properties that enable or constrain them as artefacts (cf. Blanchette 2011: 1045-46; cf. Leonardi 2010). Such perspectives neither see digital data as mere instruments of human will, nor as essential to human existence, but they focus on the way in which digital data afford specific usages (cf. Kaufmann and Jeandesboz 2016) and how—through these usages—manifold relationships between the digital and value emerges. How do these valorisations arise?
Just like money, data need to stand in a relationship of exchange in order to receive meaning (cf. Floridi 2011). Maurer argues that in societies where exchange processes are a norm, “people are less likely to be concerned with the medium of exchange so much as with the dynamics of its blockage and flow” (2006: 21; cf. Foster 1999). A similar rationality appears in the case studies on digital data and hacking discussed below. Here, hacking either leads to the interruption of digital data exchanges, which is discussed as a negative value (i.e. a risk to society), or where hacking in its ethical form is believed to establish a positive relationship to value, because it enables the flow of digital data.
Beyond its relationship to exchange, the general tendency of digital data practices to aggregate, render countable and to ‘make count’ (Sætnan et al. 2011: 2) is what allows for different valorisations. Within digital archives, data do not ‘just work’ as a stable, flat value system—as Maurer (2006) also argues about money. Rather, they experience varying value-ascriptions through the selection and analytic processes data are subjected to. Depending on what aspects one seeks to focus on, archived digital data are categorised, associated, interpreted and evaluated with the use of measuring devices (Lupton 2015). Andrejevic and Gates (2014: 187) even argue that all data are “collected and stored for its future use-value – its correlative and predictive potential- even if there are no envisioned uses for it at present.” Together, accumulated data and their analysis shape our understanding of various societal concepts, for example “‘dangerous’, ‘safe’, ‘unhealthy’, ‘risky’, ‘under-achieving’, ‘productive’, and so on, thus producing and reproducing new forms of value” (Lupton 2015: 103).
A trend that has been criticized is that bigger data tends to be considered better data (boyd and Crawford 2012). Actually, this trend exhibits similarities to money, too. As Graeber (1996: 6) says: when the “social identities of transacting parties are irrelevant to the value of the objects mediated by money” (or respectively digital data), then, in the same way as money, data take on the “powers of the fetish” (Maurer 2006: 23). Money and digital data are both powerful, but their introduction incites positive as well as negative associations. Because digital data introduce a numerical relationship to the entities that they are supposed to analyse,[1]or as Maurer (2006) argues in relation to money: between services and other ‘goods’ the status of digital data as currency is in some cases considered as morally questionable. At the same time as digital data can relate to values of sharing, prosperity, exchange, knowledge and openness, they can also be tied to insecurity, surveillance and oppression and the takeover of numeric governance. Like money, digital data has to be understood as a societal and cultural practice, whereby their exchange, their accumulation and calculation determine their ever-changing value.
Studying the Relationship Between Digital Data and Value
The conceptual points made about digital data and value described above can be observed in a range of governmental discourses. In specific, it was insightful to analyse how official communications on the risk of hacking in India and the US present digital data, their circulation and systems of exchange. It is advantageous to compare risk narratives about hacking in India and the US for several reasons. Firstly, it is significant how the governmental discourses express the value of data by both, fearing its loss and expecting data-based innovation from hacking activities. Secondly, the similarities and differences in digitization in the US and India offer rich material for comparison. Consider the following: while in the US approximately 82% of the population use the Internet, the Internet penetration in India reached 7.5% of the population in 2010. By the beginning of 2016 this figure had more than tripled: India had more than 350 million Internet users—more than the entire population of the US—and Internet penetration is growing at a rapid rate. Because of this difference, the two countries are at different stages when it comes to digital security policy. US policies on digital security have long been prominent within the international discourse, whereas in India security policies are under development in order to meet the rapid expansion of the digital market. According to recent studies by The Associated Chambers of Commerce and Industry of India, the country is also the world’s third biggest target of hackers, after the US and Japan (ASSOCHAM 2016).
The empirical vantage point for studying official discourses about the risk of hacking in India and the US was to collect written risk assessments and communications, policy reports or official statements in newspapers or on government websites about hacking. While both countries do have official communications about hacking, the discourses in India and the US have different complexions due to their individual histories with digitisation. As a result of such differences, it was not possible to identify documents that were directly comparable. Instead, the analyses focus on those discourses, documents and themes that emerged as most prominent with regards to the countries’ official stances on hacking.
Combined with expert literature on risk communication and digital penetration in India and the US, a qualitative discourse analysis of almost 40 documents was the methodological vantage point. During this analysis, the more general theoretical understanding about the qualities of data and their relationship to value were further refined, which also substantiated the theoretical argument of this article. Indeed, both countries’ documents emphasize digital data as something that needs to stand in a relationship of exchange and which, in accumulated form, serve as a basis for organizing many societal processes. Thus, each of the two cases provides a unique insight into the way in which a relationship between value and digital data is established in governmental discourses, and they underpin the similarities between digital data and currencies. Each case study begins with a general overview about digitisation processes within the respective country and the main speakers within related discourses. Thereafter, they move on to the documents analysis in relation to key themes. Here, select quotes were chosen to illustrate the analysed points.
Governmental Discourses on the Risk of Hacking in India
India is currently seeking to reform government through ambitious digital programs and activities—the Digital India programme—and the aim to form 100 smart cities in the country by 2022. Through creating and expanding digital infrastructure and services (Guha and Mankotia 2014, cf. Government of India 2014), Digital India is conceived as “a makeover that shall change the face of the entire nation, impacting cities, towns, villages, everywhere” (Government of India 2015a). These governmental plans are filled with expectations concerning the promise of digitization (Jacobsen 2012; 2015) especially vis-à-vis economic progress (Pick and Sarkar 2015). The exchange of, the accumulation and the processing of digital data are of particular importance in the development of India’s digital governance. The exchange of digital data is expected to generate both, social and economic value through connecting urban and rural India to a national network. Internet penetration, for example, is growing rapidly, with currently about 350 million users, and is expected to reach 700 million to 900 million Indians by 2025 (Kaka et al. 2014). At the same time, biometric data of the Indian population is being collected in a national database, which will work as a platform to facilitate further digitisation in different commercial and governmental domains (Jacobsen 2015). The country is also digitizing bank and cash flows in a move towards a more cashless economy (c.f. Unnikrishnan 2016). Importance is placed on rapidly building infrastructure that will lead to an increase in the content, accumulation, exchange and usage of data. Industry estimates that developments in technology and digitisation will significantly impact India’s GDP growth in the coming decade (Kaka et al. 2014).
In tandem with these plans to digitize the country, discourses on hacking and risk emerge. India seeks to unite various actions and programmes dealing with digital security challenges under one common National Cyber Security Policy (Ministry of Communications and Information Technology 2011) that leads to targeted actions and enhances the country’s digital security (cf. Jacobsen 2013). Below, the article presents an analysis of voices of governmental spokespersons, official websites and other bodies dealing with the overarching advance of Indian “cyber” security in relation to the country’s digital developments. Here, a first finding is that not all of these discourses necessarily engage the term risk in relation to hacking. Rather, the majority of the discourse is about the securing of growth by increasing the exchange of digital data and the primary focus lies on hacking as a catalyst for digital change. When investigating the more overarching discourses on hacking, the digital and risk, including that of industry, business and banking, the notion of ethical hacking, i.e. the testing of digital networks to discover and alarm owners about security holes, emerges as an important tool for risk aversion in private companies and public authorities.
Within the current landscape of official narratives on digital risk and hacking in India, the following main speakers are central: the Government of India has several bodies that deal with digital security issues and different ministries have separate functions. First, sub-bodies to the Department of Information Technology, Ministry of Communications and Information Technology are important regulators providing guidelines for public and private sectors. The Ministry also drafted the National Cyber Security Policy. Another central speaker is the Department of Electronics and Information Technology. The government of India’s Inter Departmental Information Security Task Force (ISTF) has furthermore set up an Indian Computer Emergency Response Team (CERT-In) to deal with ‘cyber security’ incidents. CERT-In as well as the National Crime Records Bureau (NCRB) collect and disseminate information on ‘cyber crime’ incidents, including occurrences of hacking, phishing and defacing of websites. The National Critical Information Infrastructure Protection Centre (NCIIPC) gathers intelligence on digital risks, and the National Technical Research Organisation (NTRO) provides technical support to intelligence and security agencies to watch out for imminent ‘cyber threats’ (Standing Committee on Information Technology 2014). With respect to national defence, the Ministry of Defence is the nodal agency for ‘cyber security’. Lastly, in 2015, the government created a cyber-security chief’s position under the Prime Minister’s Office, thus seeking to develop stronger national coordination of digital security and risk issues (Aggarwal 2015). The main legal framework on digital risk and security is the Information Technology Act of 2000, which was amended in 2009. Important to shaping official discourses on digital risk are also bodies such as the trade association of India (NASSCOM) and the Data Security Council for India. Their Cyber Security Advisory Group (CSAG) works to provide “recommendations for public–private partnerships related to capacity building and policy making in the area of cyber security in India” (Singh et al. 2014: 74). The below analysis has focused on these departments and bodies and is based on an investigation of central official documents that address hacking, including websites, press releases and speeches of official spokespersons.
Three main narratives emerge from the documents that communicate digital risks in India. Firstly, the digitization of India is related to the threat of hacking national security services and businesses. This basic notion of hacking as a threat largely focuses on the need to protect digital services from malicious attacks that might harm individuals, the economy, or national security. The second narrative focuses on ‘ethical hacking’ as an essential vehicle in the digitisation of the nation, and a component of securing national growth. The legal discourse forms the third narrative of hacking, presenting it as a criminal offense and positions hacking in relation to the value of the loss that it causes.
The first official narrative emerges mainly from the National Cyber Security Policy of 2013, a policy framework by Department of Electronics and Information Technology. This was India’s first national policy on digital security and digital risks—as that, it warrants special attention. The document places hacking alongside other intentional (e.g. cyber terrorism, identify thefts, phishing) and unintentional cyber threats (e.g. uncontrolled exploits or accidents) that might harm individual lives, the national economy or national security. Thus, hacking, such as denial of service attacks or data leakage, is presented as one of many threats that could have national significance (National Cyber Security Policy 2013). Such negatively associated hacking activities are also conflated with “hactivism” and “social engineering” (ibid. p. 2), the differences of which are not expanded upon within the policy document despite the fact that they can overlap with ethical hacking, the second narrative discussed below. The National Cyber Security Policy further frames the Indian nation as a space in which the exchange of digital data is safeguarded, a space that has to be protected from those that seek to harm the nation (National Cyber Security Policy 2013). This frame is supported by quoting the large numbers of hacks against Indian official organisations (cf. Information Warfare Monitor and Shadowserver Foundation 2010), where government sites and businesses would be the main targets. These narratives underline that digital networks have to be protected from outside threats to safeguard the flow of digital data and, thus, national security. The values contained by digital data are intimately linked with national assets, economy and infrastructure, as well as “various socio-economic parameters” (National Cyber Security Policy 2013: 1). Other influential reports describe that the increasing digitisation in India also coincides with an increase in the number of malicious hacks. It has been reported that a total number of 308,371 websites, of which 78 belonged to the Indian government, were hacked between 2011 and 2013 (Pinkerton and FICCI 2014). However, as government and private bodies rarely report hacking incidents, the origin of hacks, as well as loss and damages of hack attacks would not be known (IDSA 2012, PWC 2015).
This understanding of hacking as a threat to digitisation, most likely exercised by regime critics or subjects outside the nation, is combined with a second official narrative on hacking as a tool to further the country’s overall economic growth. Here, so-called ethical hacking is narrated as a fundamental part of building digital security and increasing the exchange of digital data in India. The logic is that an increased national focus on digital security will lead to market growth, and that security solutions pioneered by the Indian IT industry are at the heart of India’s future GDP. Thus, the National Cyber Security Policy states that, “Information Technology (IT) is one of the critical sectors that rides on and resides in cyberspace. It has emerged as one of the most significant growth catalysts of the Indian economy” (2013: 1). This narrative is supported by business, industry and trade organisations that see the national regulation of the Internet as central to a secure a digitised India with the overall aim to increase and protect economic circulation and transaction. NASSCOM, for example, has set up a Cyber Security Task Force that aims to build the Indian ‘cyber security’ industry, develop one million certified security professionals and drastically expand the amount of security companies in the country:
The global market for security software is forecast to grow to USD 17.3 billion by the year 2015, fuelled by increase in internet penetration levels, which would lead to ever increasing concerns about internal as well as external security. Security has evolved from being a peripheral concern to being business centric, and the existing security concerns have led to standards being laid down, which are driving the current growth in the market. (NASSCOM 2014)
It is expected that the rapid digitisation of Indian society and government will fuel a need for technology and software for private companies as well as public bodies, and that this increase in security solutions will happen in tandem with market growth (cf. PWC 2015). In this framing of digital security, ethical hacking is narrated as a central and important component. According to the Indian Cyber Army (ICA) ethical hackers “try to hack into a company/organization before an ‘attack’ so they are able to find any weak links” (2015). As such, they contribute to reducing probabilities for malicious hack attacks, and diminish potential risks to data accumulation and exchange. The professionalization of hacking happens here in relation to the increased interconnectedness of digital systems and ethical hackers are to facilitate the confluence of informational value and economic growth. India’s narrative of hacking as a security profession[2]a trend that is by today also described as blue-hat-hacking (Hackers League 2018) speaks to the merging of economic and security logics, whereby business and government utilise the competence of hackers to test their ‘cyber security’ software products, and at the same time their own respective organisational IT systems (NASSCOM-DSCI 2012). This practice is expected to accelerate the exchange of digital data and facilitate economic growth.
The third official narrative is related to the first narrative, but invokes the legal aspects of hacking. It presents hacking as an intrusion into a digital resource, which causes a loss. The main legal framework that deals with digital security and risk in India is the Information Technology (IT) Act, which was updated and amended in 2008. Section 66 of the Indian IT Act defines hacking as an offence in the following way:
(1) Whoever with the intent of cause or knowing that is likely to cause wrongful loss or damage to the public or any person destroys or deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means, commits hacking. (…) (2) Whoever commits hacking shall be punished with imprisonment up to three years, or with fine which may extend up to two lakh rupees, or with both.
The definition of hacking is here very broad as it considers any form of hampering data exchange in computer resources. The Act focuses on the value of the information lost due to hacking, and also on the utility that data has to its owner. How this value is assessed by the court is central to the punishment that can be expected with regards to hack attacks, as the understanding of value is relative to an assessment of the loss that has been caused. Legal discourses thus make the valorisation of digital data a central component of digital risk. Digital data, thus, can be subject to manifold valorisations depending on the degree and kind of loss that is experienced by its user, and the legal process determining its value and utility.
India is currently undergoing a large-scale transformation in terms of digital governance. In this context, the above narratives on hacking as a practice vary. What all of them emphasize is a particular relationship between digital data and value. Initially, hacking relates to the threat that it poses to the exchange of data, which impacts national security and economy. Here, digital spaces are to be protected from “outside” threats that disrupt data accumulation and exchange. In narratives on ethical hacking and legal discourses, the loss of data is measured through monetary as well as creative value, and the increased exchange of digital data is understood to create economic growth. In legal discourses, digital data is framed as a property that can be diminished, injured or lost depending on how it is interpreted and how it relates to other materialities. Hacking is thus presented as both, a threat to digital India, but also, when working in tandem with government and industry, an opportunity to reduce potential threats to and facilitate an increased exchange of digital data. These hacking narratives reveal the manifold relationships data entertains to value.
Governmental Discourses on the Risk of Hacking in the US
As opposed to India, most everyday practices in the US are already dependent on the exchange of digital data. Over the past years it has been argued that especially the Obama administration’s continued focus on digital and Cyber security (The White House 2009) has led to a securitization of the “cyber sector” (Hansen and Nissenbaum 2009). While India aims a lot of its attention at the opportunities created by increased digital data exchange, US discourses rather address that which can disturb, interrupt and stop the exchange of digital data that is central to society’s functioning. One core theme of this discourse is hacking, which was again intensified after the US elections in fall 2016.
The communication of hacking as a risk in a largely digitised society such as the US includes many voices. In order to conduct a meaningful analysis, the data material here mainly includes hacking-narratives in threat assessments publicised by US intelligence authorities. Hence, this part maps the official discourse, the voices of governmental spokespersons or institutions in the communication of hacking. The fact that hacking is considered a risk is, in fact, a very first finding in the study of US discourses. Even the FBI’s use of the term ‘ethical hacking’ is associated with the risk of data loss. The broader discursive field includes the language of cybercrime, cyberattacks and cyber wars, which often overlap with the term hacking.
When strictly following the term ‘hacking’ in governmental documents that communicate threats and risks in the US, a map of the following speakers unfolds: the US intelligence community includes 17 agencies that are headed by the Director of National Intelligence. Some of the most influential agencies that work on hacking are affiliated with the US Department of Homeland Security, such as the Secret Service. The Secret Service already flags the risk of hacking on their starting page, but they also run the National Threat Assessment Center that works and publishes on hacking. The Secret Services also publish hacking risk assessments conducted by private contractors (e.g. Trustwave) as well as advice sheets for avoiding being hacked. The US Department of Homeland Security furthermore hosts the Federal Emergency Management Agency (FEMA) with their preparedness site “Ready.gov” as well as the National Protection and Program’s Directorate that runs the US Computer Emergency Readiness Teams (US-CERT), both of which communicate on the risk of hacking. Another major voice in the intelligence community and in the discourse on hacking is the Federal Bureau of Investigation (FBI) that includes the Internet Crime Complaint Center (IC3), both of which are affiliated with the US Department of Justice. While both, the secret service and the FBI specialise in protection and investigation, the FBI focuses more on investigation and the Secret Services more on the protective missions. A third and independent body that has also voice in the hacking discourse is the Federal Trade Commission that works with consumer protection, but has also investigative as well as law enforcement authority. Other important speakers are consulting bodies, such as RAND, a key institute for research and development, who publish studies and research reports on hacking.
In most of the agencies some form of hacking, whether it is credit card hacks or larger attacks on computer systems, are relatively high on the agendas with references on the front page of their website or on key documents (Clapper 2015; FBI 2015a; Ready.gov 2015a). The risk communication of hacking entwines many different narratives. Acts of hacking include political and personal motifs that range from activism to espionage and warfare or even the revenge of “disgruntled employees” (ICS-CERT 2015; Trustwave 2014: 37f). Generally, hackers tend to be subdivided into state and non-state or private actors that simply have an interest in speculation, gaming or challenges (ibid.; Ready.gov. 2015a). A recurring narrative is that “we are building our lives around our wired and wireless networks” (FBI 2015b), that “everything” relies on the Internet (McDowell and Householder 2015) and that the effects of hacking pertain not to databases alone, but to actual “brick and mortar” places (Trustwave 2014: 33; 98; 100). Eric Bassel, director of the Sans Institute summarises this rationale: “When you lose control of cyberspace, you lose control of the physical world” (BBC 2012). As such, hacking seems to be that, which interrupts, disturbs or subverts not only the exchange of digital data, but also everyday processes, which already hint at the manifold valorisations digital data experiences.
In the US documents that communicate hacking as a risk it is possible to identify four narratives that speak about value and digital data directly. On the simplest level one finds a narrative focus on economic motifs and financial targets for hacking that emphasise the value of both, the digital data that leads hackers to monetary sources and the digital data that itself functions as a currency. On a second, more abstract level, it is possible to identify rationalities or ways of arguing about the value of digital data and its potential loss. Thirdly, similar logics are present in the way in which the risk of hacking evokes an insurance discourse that describes the value of digital data. Finally and most strikingly, the legal discourse about hacking overtly integrates discourses about the value of digital data. This concerns mainly White House’s suggestion to make hacking a racketeering offense, meaning to make the Racketeering Influenced and Corrupt Organizations Act (RICO) apply to computer frauds and abuse.
Financial and economic data, so the first set of narratives claim, are some of the most popular targets of hacking activities in the US. Bank wire transfers, payment information from hotels (Trustwave 2014: 37; 109), credit card data (US Secret Service 2012), and consumers in industry databases (IC3 2015) are frequently attacked. In fact, a report publicised by the Secret Services finds that databases involved in e-commerce payments makes up 54% of their assessed hacking targets (Trustwave 2014: 27). This narrative is substantiated not only by the advice sheets for merchant point of sales attacks issued by the Secret Service (ISAC Financial Services et al. 2014) and the FBI’s investigations of ‘cyber fraud’ (FBI 2015b), but also by the White House itself, where the president launched the ‘Buy Secure’ initiative to addresses “the kind of hacking that we saw too many times” (Zients 2014). Most importantly, these narratives frame the act of hacking as something that is motivated by the creation of economic damage or personal gain. Hacking for profit (ICS-CERT 2015), economic espionage or financial gain in general (Trustwave 2014: 37) are mentioned as the most common incentives for hacking, where the hackers’ interest is to exploit systematic weaknesses for their own benefit (McDowell and Householder 2015). The identification and exploitation of systematic weaknesses, however, can have many reasons. For example, intellectual challenge, the contribution to the development of a system by exposing its gaps, political interests or personal pride (Trustwave 2014: 38)—all of which imply different value ascriptions to digital data (cf. Kaufmann: forthcoming). Yet, the discursive focus on financial gain sidelines other motivations, positioning economic motivation above all others. Some narratives suggest that any motivation for hacking is eventually tied to economic reasoning. Hacking is, according to that logic, not just about creating the loss of straight financial data or the immediate gain from fraudulent activity, but any kind of hacked data creates economic loss or gain. Thus, all data entertain a relationship to economic value, also non-payment related data (ibid.: 7ff). Either the hacked data itself has value as a currency, because it contains information that is relevant, for example, for profiling, so it can be re-used and ‘sold’ on the black market (ibid.: 22), or the interruption of data exchange causes a halt in everyday processes and developments, which creates both, digital data and economic losses.
This rationale is conveyed by the second set of narratives that contain a more general argument about information exchange as the basis for societal processes. These narratives feature strongly in the different hacking studies conducted by the National Threat Assessment Center: whether it is in the banking and finance (Randazzo et al. 2004), the critical infrastructure (Keeney and Kowalski 2005), the IT and telecommunication (Kowalski et al. 2008a) or the government sector (Kowalski et al. 2008b), hacking, so the narrative, always causes losses “resulting from damage to information” (ibid.: 26f). Such assessments explicitly tie the disruption or loss of data exchange to “property damage” (ICS-CERT 2015), whether that concerns individual economies or values at the stock market (Gompert and Libicki 2015), but also the value that digital data has because it can be subjected to analyses for many different purposes. The Secret Service summarises this valorisation of data in their advice sheets: “Once inside a network, hackers usually map the network to determine the most valuable data to steal” (ISAC Financial Service et al. 2014: 3). Personal, sensitive and confidential data are often described as the data with the highest value (Trustwave 2014; Federal Trade Commission 2015).
This understanding of digital information as an object of value in itself is further underpinned by the insurance market that translates the risk of data loss into insurance contributions. This third set of narratives states that the risk of being hacked is not something that can be averted, but only steered, managed and controlled (Clapper 2015: 1). This kind of reasoning is reflected in reports that describe the “high threat of an isolated or brief disruption causing serious damage” (ICS-CERT 2015). In fact, reasoning about the risk of hacking refers to the expectable: hack attacks are not only impossible to calculate (Randazzo et al. 2004: 1ff.), but they are so erratic that they could happen any time. Thus, assessments no longer speak about the likelihood of hack attacks, but rather about “targets” (Trustwave 2014: 2ff.). The DNI summarises:
[T]he diverse possibilities for remote hacking intrusions, supply chain operations to insert compromised hardware or software, and malevolent activities by human insiders will hold nearly all ICT systems at risk for years to come. In short, the cyber threat cannot be eliminated; rather, cyber risk must be managed. Moreover, the risk calculus employed by some private sector entities does not adequately account for foreign cyber threats or the systemic interdependencies between different critical infrastructure sectors. (Clapper 2015: 1)
Threat assessments for hack attacks speak less and less the language of prevention, but that of preparation and response (Ready.gov 2015; McDowell and Householder 2015). The limits of risk calculations make it difficult to prevent hacking or protect oneself (cf. Bloomberg 2014). As a result, the loss of digital data needs to be regulated through insurances (Romanowsky 2015) that do not calculate probability, but loss of value inherent in digital data.
The idea of regulating the loss of digital data as material property is also incorporated in the legal debate on hacking, where not only narratives of electronic and financial crime merge (ISAC Financial Services et al. 2014: 7), but where efforts are undertaken to converge racketeering and computer fraud laws. The White House, for example, suggests updating the Racketeering Influenced and Corrupt Organizations Act (RICO) to apply to cyber-crimes (The White House 2015a), to clarify “the penalties for computer crimes, and make […] sure these penalties are in line with other similar non-cyber crimes” (ibid.). In their proposal to update the Act on Fraud and Related Activity in Connection with Computers (SEC. 103. Computer Fraud and Abuse Act, 18 U.S.C. § 1030.), the value of data is concretely referred to and used as a basis to decide upon criminal liability, namely when “the value of the information obtained exceeds $5,000.” The hacking of data not only causes economic damage, but it is again to be compensated for with money:
(11) the term “loss” means any reasonable cost to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service. (The White House 2015b)
The White House’s proposal underlines the many valorisations of digital data. This has, however, been met with public criticism, especially in the technology community. Members invoke here how this regulation led to the exaggerated monetary compensation that was imposed in the case of Aaron Swartz who committed suicide after his charge of one million USD in fines and 35 years in prison (The United States Attorney’s Office 2011). Several public spokespersons criticised that in the language and formulation of these new laws the digital would become over-valued and that the monetary value assigned to the informational value would not correspond to each other (Graham 2015; Liebelson 2015).
In sum, the US discourse combines four different narratives, all of which entangle security and economic forms of reasoning and emphasise the value of digital data, both as objects in themselves, but also as that which enables societal processes and assists in the creation of multiple valorisations. That becomes visible in the emphasis on motifs of hack attacks described in risk assessments, in the way in which official discourses on hacking assign value to digital data itself as well as its exchange, and present the related argument for the insurance of digital data. Finally, it also shows in the way in which the valorisation of digital data is expressed through legal means.
Conclusion
Even though India and the US are at very different stages of the digitisation process, their governmental discourses about hacking imply similar understandings of the relationship between digital data and value. This arises from implicit and explicit statements of hacking discourses in both countries. While one of the self-evident conclusions is that digital data are at least an asset of value that can be turned into money, the article also illustrates that digital data take on the role of a currency that establishes various relationships of value and valorisation.
In discourses on hacking, data become a medium of exchange that are subject to opportunity and loss. This is shown in the Digital India programme, India’s attempt to create a National Cyber Defense Policy, India’s practices of ethical hacking to ensure the exchange of digital data and the Information Technology (IT) Act that even equates digital data with money. The similarities of digital data and currencies furthermore shows in the US documents on hacking. Governmental narratives tie the loss or disruption of data exchange to property damage. This relationship is also made explicit in the way in which the insurance discourse ascribes value to data and how the attempt to integrate hacking into the Racketeering Act puts the loss of data on a level with the loss of money. The loss of digital data then is material loss as digital data establishes numeric relationships of exchange: in the same way in which money renders quantifiable and permits “comparisons among objects, persons, and activities” (Maurer 2006: 20), digital data also render phenomena quantifiable in their own way. However, the “systems of calculation and quantification on which it depends are not always as straightforwardly algebraic as one might imagine” (Maurer 2006: 23, quoting Foster 1999). Maurer draws on Roitman (1997) and Ferreira (1997: 135) to emphasize that “numbers do not always point to enumerable objects in the world” and that different means of quantification can “create conflict with other value systems.” The above case studies traced how different forms of quantification, valorisation and calculative agencies that work with digital data in a currency-like modus also assign different forms of value to it.
As similar as the characteristics of digital data and money may be, one can argue that digital data yet render quantifiable in a different way from money. While digital data have been identified as “information capital” (cf. Andrejevic 2009), they work not in the same “uniscalar” way as capitalist money (Kelly 1992), but rather as a calculable currency with many different embeddings, that experience multiple forms of value ascriptions via different associations and patterns. How data is understood, how it is sorted, classified, and ordered, has meaning for its valuation. The above analyses illustrate this very point, namely that digital data experience manifold valorisations as their exchange, their accumulation and their subjection to whatever analytic efforts seek to target, are considered crucial to each society’s functioning. Amoore and Piotukh summarize that “the work of analytics and algorithms not only transforms the meaning and value of data, but also inscribes the very perception of the world in which we live, govern and are governed” (2015: 344). Through their calculability digital data are “in-formation” (Dillon 2000) as they constantly experience new roles and context-related valorisations.
In showing how digital data entertain multiple relationships to value – especially when understood as a currency that only exists in relationships of exchange, that has a tendency to be accumulated and subjected to calculation—the article has contributed to the debate on digital data and value. Like money, digital data are an “exemplar of the problem of the relationship between sign and substance, thought and matter, abstract value and its instantiation in physical and mental labors and products” (Maurer 2006: 27; Shell 1982, 1995). Future explorations of the relationship between digital data and value should focus on how different actors and methods, as well as numeric and non-numeric calculatory practices create different relationships of valorisation. This means eventually to move away from the idea that data are always flat or uniscalar, but that the manifold relationships that digital data entertain to value can have different effects and produce different affects.
Notes
References
Aggarwal, V. 2015. “Gulshan Rai becomes first chief of cyber security; post created to tackle growing e-threats.”Economic Times, New Delhi, March 4. economictimes.indiatimes.com/articleshow/46449780.cms?utm_source= contentofinterest&utm_medium=text&utm_campaign=cppst (accessed August 08, 2015).
Amoore, L. and Volha Piotukh. 2015. “Life beyond big data: governing with little analytics.” Economy and Society 44(3): 341–366
Anderson, M.J. and S. E. Fienberg. 1999. Who Counts? The Politics of Census-Taking in Contemporary America. New York: Russel Sage Foundation.
Andrejevic, M. 2015. “Personal Data: Blind Spot of the ‘Affective Law of Value’?” The Information Society 31(1): 5-12.
Andrejevic, M. 2009. “Privacy, Exploitation, and the Digital Enclosure.”Amsterdam Law Forum 1(4). Available at: amsterdamlawforum.org/article/view/94/168 (accessed March 10, 2016).
Andrejevic, M., Gates, K. 2014. “Big Data Surveillance: Introduction.” Surveillance and Society 12(2): 185-196.
Arvidsson, A. and E. and Colleoni. 2012. “Value in Informational Capitalism and on the Internet.” The Information Society 28: 135-150.
ASSOCHAM. 2016. “Bank Card Fraud was Waiting to Happen, says ASSOCHAM-Mahindra SSG.” October 23. assocham.org/newsdetail.php?id=5995 (accessed 6 December 2016)
BBC. 2012. “US Military Train in Cyber-City to Prepare for Hack-Defense.” November 28. www.bbc.com/news/technology-20525545 (accessed 4 September, 2015).
Blanchette, J. F. 2011. “A Material History of Bits.” Journal of the American Society for Information Science and Technology 62(6): 1042–1057.
Bloomberg. 2014. “Hack Reveals US Cannot Protect Its Business from Cyber Attacks.” December 22. www.business-standard.com/article/international/hack-reveals-us-cannot- protect-its-business-from-cyber-attacks-114122200063_1.html (accessed September 1, 2015).
boyd, d. and K. Crawford. 2012. “Critical Questions for Big Data: Provocations for a Cultural, Technological, and Scholarly Phenomenon.” Information, Communication & Society 15(5): 662-79.
Brison, K. 1999. “Money and the Morality of Exchange among the Kwanga, East Sepik Province, Papue New Guinea.” In: Akin, D., Robbins, J. (eds) Money and Modernity: State and Local Currencies in Melanesia. Pittsburgh, PA: University of Pittsburgh Press.
Clapper, J. R. 2015. “Statement for the Record Worldwide Threat Assessment of the US Intelligence Community Senate Armed Services Committee.” Director of National Intelligence. February 26. www.dni.gov/files/documents/Unclassified_2015_ATA_SFR_-_SASC_FINAL.pdf (accessed August 20, 2015).
Coleman, G. 2011. “Hacker Politics and Publics.” Public Culture 23(3): 511-516.
Coleman, G. 2017. The Public Interest Hack. limn 8 Hacks, Leaks and Breaches.. limn.it/articles/the-public-interest-hack/ (accessed January 4, 2019).
Deibert, R.J., Rohozinski, R. 2010. “Risking Security: Policies and Paradoxes of Cyberspace Security.” International Political Sociology 4(1): 145-32.
DHS. 2016. “Joint Statement from the Department Of Homeland Security and Office of the Director of National Intelligence on Election Security.” October 7, 2016. www.dhs.gov/news/2016/10/07/joint-statement-department-homeland-security -and-office-director-national (accessed 16 December 2016).
Dillon, M. “Poststructuralism, Complexity and Poetics.” 2000. Theory, Culture and Society 17(5): 1-26.
The Economic Times. 2015. “Digital India: World Faces ‘Bloodless’ Cyber War Threat, says PM Narendra Modi. July 1. economictimes.indiatimes.com/news/defence/digital-india-world-faces- bloodless-cyber-war-threat-says-pm-narendra-modi/articleshow/47899365. cms (accessed 03 September, 2015).
The Economist. 2017. “The World’s Most Valuable Resource is No Longer Oil, but Data.” www.economist.com/leaders/2017/05/06/the-worlds-most-valuable-resource- is-no-longer-oil-but-data (accessed January 4, 2019).
FBI. 2015a. “What We Investigate: Cyber Crime.” www.fbi.gov/about-us/investigate/what_we_investigate (accessed August 31, 2015).
FBI. 2015b. “Cyber Crime.” www.fbi.gov/about-us/investigate/cyber (accessed August 31, 2015).
Federal Trade Commission. 2015. “FTC Videos Advise What to Do if Your Email is Hacked or Malware Attacks Your Computer.” www.ftc.gov/news-events/press-releases/2015/03/ftc-videos-advise-what-do -if-your-email-hacked-or-malware-attacks (accessed August 15, 2015).
Ferreira, M.K.L. 1997. “When 1+1≠2: Making Mathematics in Central Brazil.” American Ethnologist 24(1): 132-147.
Floridi, L. 2011. The Philosophy of Information. Oxford: Oxford University Press.
Foster, R. 1999. “In God We Trust? The Legitimacy of Melanesian Currencies.” In: Akin, D., Robbins, J. (eds) Money and Modernity: State and Local Currencies in Melanesia. Pittsburgh, PA: University of Pittsburgh Press, 214-231.
Fuchs, C. 2010. “Labor in Informational Capitalism and on the Internet.” The Information Society 26(3), 179-196.
Gilbert, E. 2015. “Common Cents: Situating Money in Time and Place.” Economy and Society 34(3): 357-388.
Godin, B. 2008. “The Information Economy: The History of a Concept Through Its Measurement 1949-2005.” History and Technology: An International Journal. 24(3): 255-287.
Gompert D. C. and M. C. Libicki. 2015. “Decoding the Breach: The Truth About the CENTCOMHack.” www.rand.org/blog/2015/02/decoding-the-breach-the-truth-about-the- centcom-hack.html (accessed August 31, 2015).
Government of India. 2014. “Digital India. A Programme to Transform India into a Digitally Empowered Society and Knowledge Economy.” Department of Electronics and Information Technology, deity.gov.in/sites/upload_files/dit/files/Digital%20India.pdf (accessed November 28, 2014).
Government of India. 2015. “Digital India. Power to Empower.” Department of Electronics and Information Technology, Ministry of Communications and Information technology, Government of India, digitalindia.gov.in/writereaddata/files/binder-flipbook/index.html (accessed August 8, 2015).
Graeber, D. 1996. “Beads and Money: Notes Toward a Theory of Wealth and Power.” American Ethnologist 23: 4-24.
Graham, R. 2015. “President Obama Is Waging a War on Hackers.” www.wired.com/2015/01/president-obama-waging-war-hackers/ (accessed August 15, 2015).
The Guardian. 2018. “The Cambridge Analytica Files.” www.theguardian.com/news/series/cambridge-analytica-files (accessed January 4, 2019).
Guha, R. and A. S. Mankotia. 2014. “PM Modi’s Digital India project: Government to Ensure that Every Indian Has Smartphone by 2019.” The Economic Times, 25 August, articles.economictimes.indiatimes.com/2014-08-25/news/53205445_1_digital -india-india-today-financial-services (accessed November 28, 2014).
Hackers League. 2018. “Who are Blue Hat Hackers?” medium.com/@hackersleague/who-are-blue-hat-hackers-aeb443b90c29 (accessed January 7, 2019).
Hansen, L. and H. Nissenbaum. 2009. “Digital Disaster, Cyber Security, and the Copenhagen School.” International Studies Quarterly 53, 1155–1175.
Hoffmann, A.L. 2017. “Making Data Valuable: Political, Economic, and Conceptual Bases of Big Data.” Philosophy and Technology 31(2): 209-212.
ICA. 2015. “Ethical Hacking as Career and Cyber Army, Indian Cyber Army.” www.icalab.com/press/ethical-hacking-as-career-and-cyber-army (accessed August 08, 2015)
ICS-CERT. 2015. “Cyber Threat Source Descriptions.” ics-cert.us-cert.gov/content/cyber-threat-source-descriptions#hack (accessed August 15, 2015).
IC3. 2015. “Internet Crime Schemes: Internet Extortion.” www.ic3.gov/crimeschemes.aspx#item-10 (accessed August 15, 2015).
IDSA. 2012. “India’s Cyber Security Challenge.” IDSA Task Force Report. New Delhi: Institute for Defence Studies and Analysis.
Iliadis A., Russo. F. 2016. “Critical Data Studies: An Introduction. Big Data & Society 3(2).
Information Warfare Monitor and Shadowserver Foundation. 2010. Shadows in the Cloud: Investigating Cyber Espionage 2.0. Toronto: Information Warfare Monitor and Shadowserver Foundation, 2012.
ISAC Financial Services, Secret Services and R-CISC 2014. “Protecting Merchant Point of Sale Systems during the Holiday Season.” www.secretservice.gov/HolidaySeason-2014.pdf (accessed August 17, 2015).
Jacobsen, E. K. U. 2012. “Unique Identification: Inclusion and Surveillance in the Indian Biometric Assemblage.” Security Dialogue 43(5): 457– 474.
Jacobsen, E. K. U. 2013. “Preventing, Predicting or Producing Risks? India’s National Biometric Identification.” In Miklian, J. and Å. Kolås (Eds). India’s Human Security: Lost Debates, Forgotten People, Intractable Challenges. London: Routledge, 2013.
Jacobsen, E. K. U. 2015. “Unique Biometric IDs.” Governmentality and Appropriation in a Digital India. Gothenburg, University of Gothenburg: School of Global Studies, 2015.
Kaka, N., A. Madgavkar, J. Manyika, J. Bughin and P. Parameswaran. 2014. India’s Technology Opportunity: Transforming Work, Empowering People.McKinsey Global Institute.
Karppi T. and K. Crawford. 2015. “Social Media, Financial Algorithms and the Hack Crash.” Theory, Culture and Society [online first] 1-20.
Kaufmann, M. Forthcoming/ “‘Now you see me—now you don’t!’—Practices and Purposes of Hacking Online Surveillance.” Mediatization Studies.
Kaufmann, M. and J. Jeandesboz. 2016. “Politics and ‘the Digital’: From Singularity to Specificity.”European Journal of Social Theory [online first] 1–20. journals.sagepub.com/doi/pdf/10.1177/1368431016677976
Kaufmann, M., Egbert, S., Leese, M. 2018. “Predictive Policing and the Politics of Patterns.” British Journal of Criminology. Online First.. doi.org/10.1093/bjc/azy060
Keeney, M. and E. Kowalski, National Threat Assessment Center, United States Secret Service, Capelli D., A. Moore, T. Shimeall and S. Rogers, Cert Program, Software Engineering Institute Carnegie Mellon University. 2005. “Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors.” www.secretservice.gov/ntac/its_report_050516.pdf (accessed August 15, 2015).
Kelly, J.D. 1992. “Fiji Indians and ‘Commoditization of Labor.'”American Ethnologist 19(1): 97-120.
Kitchin, R. 2014. The Data Revolution. Big Data, Open Data, Data Infrastructures and Their Consequences. Thousand Oaks, CA: Sage Publishing.
Kowalski, E., National Threat Assessment Center, United States Secret Service, Capelli D, Moore A, Cert Program, Software Engineering Institute Carnegie Mellon University. 2008a. “Insider Threat Study: Illicit Cyber Activity in the Information Technology and Telecommunications Sector (URL and access date?).
Kowalski, E.; Conway, T.; S. Kerveline; Williams, M.;National Threat Assessment Center, United States Secret Service, Capelli D, Willke B, Moore A, Cert Program, Software Engineering Institute Carnegie Mellon University. 2008b. “Insider Threat Study: Illicit Cyber Activity in the Information Technology in the Government Sector.” www.secretservice.gov/ntac/final_government_sector2008_0109.pdf (accessed August 31, 2015).
Lash, S. 2005. “Lebenssoziologie: Georg Simmel in the Information Age.” Theory, Culture and Society 22 (3):1-23.
Laney, D. 2012. “To Facebook, you’re worth $80.95.” CIO Journal: Wall Street Journal Blogs. May 3. blogs.wsj.com/cio/2012/05/03/to-facebook-youre-worth-80-95/ (accessed March 11, 2016).
Leonardi, P. 2010. “Digital Materiality? How Artifacts Without Matter, Matter.”First Monday 15 (6–7).
Liebelson, D. 2015. “Democrats, Tech Experts Slam Obama’s Anti-Hacking Proposal.” Huffington Post, January 21. www.huffingtonpost.com/2015/01/20/obama-hackers_n_6511700.html (accessed August 1, 2015).
Lupton, D. 2013. Digital Sociology. London: Routledge, 2015.
Lyon, D. “Afterword: Digital Spaces, Sociology and Surveillance.” In: Orton-Johnson, K. and N. Prior, eds. Digital Sociology. Critical Perspectives. London: Palgrave Macmillan.
Maurer, B. 2006. “The Anthropology of Money.” The Annual Review of Anthropology 35:15-16.
McDowell, M. and A. Householder. 2015. “Security Tip (ST04-001): Why is Cyber Security a Problem?” www.us-cert.gov/ncas/tips/ST04-001 (accessed August 15, 2015).
Ministry of Communications and Information Technology. 2013. “National Cyber Security Policy—2013.” Department of Electronics and Information Technology, Delhi: Government of India.
NASSCOM. 2014. www.nasscom.in/download/summary_file/fid/69305 (accessed August 11 2015).
NASSCOM-DSCI. 2012. Securing our Cyber Frontiers. New Delhi: Data Security Council of India.
Pardo-Guerra, J. P. 2013. “Trillions Out Of Ones and Zeros: The Sociology of Finance Encounters the Digital Age.” In Orton-Johnson, K. and N. Prior eds. Digital Sociology. Critical Perspectives. London: Palgrave Macmillan.
Paul, G. Foundations of Digital Evidence. Washington, DC: American Bar Association.
Pick, J. B. and A Sarkar. 2015. The Global Digital Divides. Heidelberg: Springer Berlin Heidelberg.
Pinkerton and Federation of Indian Chambers of Commerce and Industry (FICCI). 2014. India Risk Survey 2014. Gurgaon/New Delhi: Pinkerton and FICCI.
Puschmann, C., Burgess, J. 2014. “Metaphors of Big Data.” International Journal of Communication 8: 1690–1709.
PWC. 2015. “Managing Cyber Risks in an Interconnected World. Key Findings from The State of Information Security Survey 2015, India.” PricewaterhouseCoopers Private Limited. Location required as in a book citation?
Randazzo, M. R. M. Keeney and E. Kowalski, National Threat Assessment Center, United States Secret Service, Capelli D, Moore A, Cert Program, Software Engineering Institute Carnegie Mellon University. 2005.Insider Threat Study: Illicit Cyber Activity in the Banking and Finance Sector. resources.sei.cmu.edu/library/asset-view.cfm?assetid=7227 (accessed March 7, 2016).
Ready.gov. 2015a. “Be informed. Terrorist hazards: Cyber attack.” www.ready.gov/cyber-attack (accessed August 15, 2015).
Rigi, J. and R Prey. 2015. “Value, Rent, and the Political Economy of Social Media.” The Information Society 31(5): 392-406.
Roitman, J. 2005. Fiscal Disobedience: An Anthropology of Economic Regulation in Central Africa. Princeton, NJ: Princeton University Press.
Romanowsky, S. 2015. “The High Cost of Hacks.” www.rand.org/blog/2015/03/the-high-cost-of-hacks.html (accessed August 31, 2015).”
Savage, M. 2013. “Digital Fields, Networks and Capital: Sociology Beyond Structures and Fluids. In Orton-Johnson, K. and N. Prior eds. Digital Sociology. Critical Perspectives. London: Palgrave Macmillan.
Singh, A. N., M. P. Gupta and A. Ojha. 2014. “Identifying Critical Infrastructure Sectors and their Dependencies: An Indian Scenario.”International Journal of Critical Infrastructure Protection 7(2): 71-85.
Shell, M. 1982. Money, Language and Thought. Baltimore, MD: John Hopkins University Press.
Shell, M. 1995. Art and Money. Chicago: University of Chicago Press.
Standing Committee on Information Technology. 2014. “Cyber Crime, Cyber Security and Right to Privacy, Fifty-Second Report.” New Delhi: Ministry of Information and Communications Technology.
Sætnan, A.R., H. M. Lomell and S, Hammer. 2011. “Introduction: By the Very Act of Counting—The Mutual Construction of Statistics and Society.” InSætnan, A. R., H. M. Lomell and S. Hammer (Eds). The Mutual Construction of Statistics and Society. London: Routledge.
Thompson, G. F. 2004. “Getting to Know the Knowledge Economy: ICTs, Networks and Governance.” Economy and Society 33(4): 562-581.
Thrift, N. 2005. Knowing Capitalism. London: Sage.
Thrift, N. 2006. “Re-inventing Invention: New Tendencies in Capitalist Commodification.” Economy and Society 35(2): 279-306.
Trustwave. 2014. “Trustwave Global Security Report.” www.secretservice.gov/Trustwave_WP_Global_Security_Report_2014.pdf (accessed August 1, 2015)
United States Attorney’s Office. 2011. “District of Massachusetts: Alleged Hacker Charged with Stealing Over Four Million Documents from MIT network. web.archive.org/web/20120526080523/www.justice.gov/usao/ma/news/2011/ July/SwartzAaronPR.html (accessed August 31, 2015).
Unnikrishnan, D. 2016. “Demonetisation: How Narendra Modi changed narrative from black money to cashless economy.” Firstpost. www.firstpost.com/politics/note-ban-how-narendra-modi-changed-narrative- from-black-money-to-cashless-economy-3127628.html (accessed December 2, 2016).
US Secret Service. 2012. “United States Secret Services. Fiscal year 2012 Annual Report.” www.secretservice.gov/USSS_FY12AR.pdf (accessed August 1, 2015).
White House. 2009. “Office of the Press Secretary: Remarks by the President on Securing Our Nation’s Cyber Infrastructure.” www.whitehouse.gov/the-press-office/remarks-president-securing-our- nations-cyber-infrastructure (accessed September 1, 2015).
White House. 2015a. “Office of the Press Secretary: SECURING CYBERSPACE—President Obama Announces New Cybersecurity Legislative Proposal and Other Cybersecurity Efforts.” www.whitehouse.gov/the-press-office/2015/01/13/securing-cyberspace- president-obama-announces-new-cybersecurity-legislat (accessed August 31, 2015).
White House. 2015b. “Updated Administration Proposal: Law Enforcement Provisions.” www.whitehouse.gov/sites/default/files/omb/legislative/letters/updated- law-enforcement-tools.pdf (accessed August 1, 2015).
Zients, J. 2014. The President’s BuySecure Initiative: Protecting Americans from Credit Card Fraud and Identity Theft. www.whitehouse.gov/blog/2014/10/17/president-s-buysecure-initiative- protecting-americans-credit-card-fraud-and-identity (accessed August 1, 2015)
Biography
Mareile Kaufmann is a post doc. at the Department of Criminology and Sociology of Law and a senior researcher at the Peace Research Institute Oslo. Neighboring disciplines such as Critical Security Studies and cultural sciences shape her research agenda, which focuses on the meeting point between societal security and digital technologies.
Acknowledgements
The work on this article has been financed by the Research Council of Norway. The reference number of the project “The Digitization of Risk Communication” (DIGICOM) is 233876.
I would like to thank my colleague, who prefers not to be mentioned by name, for her contributions to the part on “Governmental discourses on the risk of hacking in India.”
© 2018 Mareile Kaufmann, used by permission
