Cybersecurity
A Feminist Audit of Security Policy
A Feminist Audit of Security
The scenario of a cyber attack during the 2019 elections has been considered in the context of cybersecurity and the militarization of cyber space, but what if this scenario was centred around the attack of a woman in government? Or the surveillance of sex workers or sex work clients as a means to find information for blackmail from government officials? What about the lack of female voices in cybersecurity both from the perspective of the hackers and the government’s security professionals that handle security breaches? The issue of cybersecurity should be critically considered through a feminist lens because it is an area abundant in gender inequalities, and because it is so closely linked to surveillance, which is inherently composed of power relations.(1)
The most obvious way to fight cybercrime is through strong cybersecurity to prevent it. To address and to bridge the skills shortages in Canada’s cybersecurity, gender imbalance is a good starting point. Data shows that females make up only 11% of the cybersecurity workforce all around the world and, as of 2016, women in cyber security earned less than men at every level.(2) Although there is a stark underrepresentation of women in the field, there is a wide range of opportunities that could be filled with non-male talent and innovation.(3) Women who work in computer security are constrained by a dominant cultural conception of gender, security, and masculinity, and this is exactly why cybersecurity as a professional field should accept more women into its workforce.(4) Overall, the underrepresentation of women in the cybersecurity field reproduces a hyper-masculine culture where women’s voices are largely excluded, thus holding influence over interests the cybersecurity regime protects or erases.
Cybersecurity, surveillance, monitoring and documentation from state and non-state actors are realms where the gendered, sexed, racialized, and classed exercise of power is often masked and reinforced.(5) These are realms where feminism is relevant and needed because of the intersectional nature of the different forces at work. Take for instance the scenario of political party emails, websites, and personal correspondence being hacked. While this seems like a non-gendered situation, there are multidimensional issues, for example, a male politician being condemned for purchasing sexual services. This would be a key example of how surveillance can be used under the guise of feminism and the name of eradicating violence against women in the sex industry.(6) However, the basis of this logic paints the desire to purchase sex as fundamentally deviant—this is gendered masculine because it makes male clients hypervisible and vulnerable to surveillance, while making invisible the existence of female clients, and female desire.(7) The realm of sex work is not only gendered, but also racialized, as the majority of sex workers are people of colour.(8) Not only is it racialized, but it is also classed, as poverty and immigration status also play a role in shaping sex workers’ experiences.(9) Overall, this is only one example of the potential intersectional dimensions of a cyber-security hack on a Canadian politician, demonstrating an analytical feminist lens is valuable to a multitude of foreign policy issues.
At first glance, there seems to be no place for a feminist lens in the area of cybersecurity and surveillance. However, as explained above, this is truly not the case. Cybersecurity and surveillance needs feminism to give voice to female actors and to recognize the inherent intersectionality and power hierarchies woven into the issues in these areas. By moving away from neutral definitions and readings of security and surveillance, we can bring gender issues and other issues contingent to it—such as race, sexuality, class, able-ness—into the forefront of the discussion, which directly challenges power hierarchies.