Vital Systems Security

Amazon.com just sent me an email directing me to Amazon’s Emergency Preparedness Store. Not a joke. Repeat. Not a joke. And that’s not all. The page says that “Every household should have an emergency kit in case of disasters. We’ve prepared a checklist of essential emergency items to help you assess your needs. Shop all categories in the Emergency Preparedness Store or use the scenario-specific navigation below.” Vulnerability assessment based on specific scenarios! Do as DHS does for national preparedness but for your own home and family! Click on the links below to go to the amazon.com store and prepare yourself for…

There is no mention of a bioattack, however. We will have to wait for amazon to sell “home vaccine stockpile” kits.

The new World Health Report has been issued. Keywords seem to be emerging disease, global public health, and health security. Hopefully some among us will get a chance to read it and comment soon. Here is the summary from the website:

The World Health Report 2007 - A safer future: global public health security in the 21st century marks a turning point in the history of public health, and signals what could be one of the biggest advances in health security in half a century. It shows how the world is at increasing risk of disease outbreaks, epidemics, industrial accidents, natural disasters and other health emergencies which can rapidly become threats to global public health security. The report explains how the revised International Health Regulations (2005), which came into force this year, helps countries to work together to identify risks and act to contain and control them. The regulations are needed because no single country, regardless of capability or wealth, can protect itself from outbreaks and other hazards without the cooperation of others. The report says the prospect of a safer future is within reach - and that this is both a collective aspiration and a mutual responsibility.

Apropos of this, an article in the Times business section yesterday reports on the new attention being given to vaccine development. This is not my area, but it seems like a marked shift from a few years ago — when some of the biosecurity was beginning to emerge — and the cw was that big pharma would never get involved with vaccines. Again, comments from those more knowledgeable most welcome.

Fantastic, informative article in NYT Magazine takes a peek at ‘cat bonds’ — or catastrophe bonds — and the argument for pricing insurance in accordance with more ‘realistic’ models of risk, for example for hurricanes or disasters. Interesting, compelling, and well-written… I don’t like being so cynical but it almost has one believe that the insurance industry can play a socially useful role in solving the problem of risk mitigation: by encouraging people not to build and live on fault lines or in highly vulnerable hurricane zones — or by pricing insurance sans state subsidy in such a manner as to cover actual losses as opposed to the fantasy losses that the industry, pre-Katrina, historically pre-supposed. All of this sounds great if it didn’t ignore the fact that at a population level those most vulnerable to extreme disasters are to be found in the lower strata of the social class and SES registers. There is also a pretty heavy correlation between race and vulnerability to extreme events.

Just thinking out loud here, but it seems there are at least two parallel discussions going on here in the area of catastrophic insurance: On the one hand are those discussions which focus on the specific techniques and practices around insurance which are introduced and made viable (and visible) in discourse and policy without reference to a number of salient elements such as social class, race, etc. On the other hand, there exist a number of critiques which point almost exclusively to ‘the social’ — to social disadvantage, the reproduction of oppression, and inequalities in a number of domains — to explain the root ’causes’ of disasters (and offer a way forward) without specific reference to the very rationality and techniques which parse the world into (usually predictable) risks and rewards. This is maybe a crude second-order observation to be considered in light of Stephen’s flag of the Kunreuther piece.

My forays into the wired world are paying off: Now I’m only a year or two behind the curve. Check out this fascinating story picked up by Time (and NPR). It reports on the dastardly named “Corrupted Blood”, an intentionally released virus (and resultant epidemic) which wrought a fair amount of damage in the virtual “World of Warcraft”. Apparently the disease, originally designed to affect higher-level cave-dwellers (nevermind the oxymoron), ended up spreading unexpectedly to the world’s virtual cities — where the common folk live. Tellingly, the game’s own administrators had trouble controlling the virus once released.

In addition to all the buzz this generated in the gamer world, it’s also led to some pieces in scholarly journals, including this one (article info only; you’ll need an institutional subscription to access it, I think). Of particular interest is that the virtual gaming world might be a space to test out all those interesting theories that cannot be feasibly tested in the real world during a massive ID outbreak, like: will people comply with public health and infection control measures? Will communities panic? In fact, more broadly stated: Just how will people behave when a catastrophic Mondo virus comes crashing down on them? Of course, disaster researchers have said for decades that data derived from research on community behavior is pretty compelling, and clear: People generally don’t panic. People are generally compliant. Be that as it may, it is interesting to think about — and be slightly concerned about — the possibility that overly Red Bull-ed, highly testosteroned, über-gamers might form the sample out of which more general findings about community behavior in times of an apocalyptic viral meltdown will be extrapolated. Nevertheless, I find it intriguing to think about just what kind of knowledge — new, unexpected knowledge — can and will be produced as these kinds of imaginative enactments and scenarios take shape down the road.

Come to think of it, I find it equally intriguing to think about the ethical positions (and implications) associated with the intentional release of a harmful ‘pathogen’ in virtual space. Can we profit from the virtual deaths of thousands? Millions? Yes. Should we? That’s a wee bit trickier. How do we do it? Informed Consent?

Howard Kunreuther, one of the major figures in insurance and catastrophe risk in the United States, has an op-ed in today’s Times about hurricane insurance post-Hurricane Katrina (he has also co-edited a book on risk and natural catastrophe post-Katrina that is worth a look). Apparently, State Farm, the major insurer for flood risk in the area, has decided to stop selling policies to homeowners in the area. Thus the question: Who will cover loss for the next big hurricane?

This has been a topic on which Kunreuther has been focused since at least the late 1960s, when attention in the United States began to turn to the question of increasing catastrophe risk as people moved into more risk-prone areas, and the role of government in promoting this “risky” behavior through compensation or cheap loans after the event. (Some studies showed that people ended up better off financially, at least in some cases, after natural catastrophes than before.)

The prescriptions now are the same as the prescriptions then: better evaluation of catastrophe loss risk, pricing of insurance to reflect that risk, and individual decisions about what kinds of risks they are willing to take, and what kind of premiums they are willing to pay. Kunreuther adds a proposal for vouchers that would help low-income households pay for insurance, which, he holds is vastly preferable to blanket subsidies which mask the real risks assumed by location decisions.

I blogged on a similar topic some time ago, concerning the Army Corps efforts to disseminate information about flood risk in New Orleans through new visualizations based on the web. Kunreuther is offering a broader overview of what might be called a neo-liberal apparatus of catastrophe risk management through the calculative choices of free actors. Sounds pretty good to me.

Read on for the full op-ed:
Read the rest of this entry »

In the last chapter (entitled “Death”) of her new book, Dolly Mixtures, Sarah Franklin comments in interesting ways on the food and mouth crisis of 2001 and the so-called slaughter policy.

This may come as a surprise to no one: The Intelligence Community (IC) of the US, comprising over a dozen agencies across the civilian and military spheres, has introduced a variety of social networking technologies in order to facilitate… no, not dating … but rather knowledge dissemination and sharing across organizational and professional silos and compartments. The not-so-original named “Intellipedia” was announced in 2006, and modeled after… well, I think you can figure that one out. A number of sites have some interesting info on it, including of course Wikipedia. You can also find more info than you probably want on it here.

The point of all this is not to re-hash old news; rather it is to flag an interesting debate within (and, of course, outside) the IC, which has been sparked by the decision to go ahead with a number of social networking technologies. In addition to Intellipedia, there is now “A-Space.” Can you guess what that emulates? Yes, A-Space, tagged as a kind of MySpace for Spies — probably unfairly — has been introduced as a way to get people talking with each other across intra- and inter-agency lines. Crudely put, the contours of the debate just mentioned revolve around two views: On one hand are those who feel that social networking technologies will help to break down the ossified barriers which contributed to the well-documented intelligence failures around 9.11. If Jane can’t post certain documents and invite others with a similar security clearance to have a look and make comments; or if Joe can’t float certain ideas to his peers or cast about for others, then (the argument goes) the IC will not have properly taken advantage of today’s cutting-edge technologies to help reform the byzantine rules and governance structures having to do with the community’s knowledge production and dissemination. On the other hand runs the counter-argument, loose lips sink ships. A slip here, a misstatement there, and irreparable harm may come either to the security interests of the US or to actual operatives in the field — or both. If Jane’s document contains sensitive information that Joe is not supposed to know about (even if he has a comparable clearance), then Jim’s cover might get blown. And that could be bad.

I have had an abiding interest in the last few years around questions of what makes knowledge dangerous, including the forms dangerous knowledge takes. In this case, it seems, danger exists not so much at the level of the individual (at least, I don’t see it that way), but in the fact that a (rhizomatic?) network of information threatens extant structures that govern information — structures which adhere to values and practices associated with secrecy. One question, interesting to pose, difficult to study: What effect will these technologies and this form of social organization have not only on the production and dissemination of knowledge, but on the forms knowledge takes? What form(s) will dangerous knowledge take both in the IC and in the public at large as these technologies evolve and are embedded more firmly in a variety of critical infrastructures? Indeed, at a more general level: What is the relationship between information and infrastructure?

A recent trilateral powwow originally designed to focus on economic and security issues across Canada, Mexico and the United States, has become the principal venue through which said countries are coordinating their pandemic preparedness efforts. What this coordination entails is an interesting question. A recent piece from the informative CIDRAP news service describes a recently released report detailing some of the issues the countries see themselves facing. One issue (comprising one chapter in this report): critical infrastructure. One strategy to tackle the problem of critical infrastructure protection: Resiliency. None of this is surprising or new. What is interesting, to me anyway, is how these concepts will ‘operate’ or be actualized in practice in and across these different national contexts. Is there such a thing as North American Critical Infrastructure? How about North American Resiliency?

For some reason, all of this calls to mind the notion of “regionalization”, which has been pushed — albeit not very hard — by a number of federal agencies and states which foresee advantages to realizing efficiencies in preparedness efforts — check out an example from AHRQ here. These efficiencies are based not only in economics, per se, but in geographies as well. Counties have banded together, as have states, in a variety of different emergency services and disaster preparedness contexts (e.g., one EMS agency covering several counties; states and counties signing mutual aid agreements in times of need, etc.) for decades. The dynamics of multinational ‘regionalization,’ I suspect, is substantially different.

According to a story in today’s New York Times pigeon droppings could have been a factor in weakening the bridge that collapsed in Minnesota. Is that a population security problem, or a vital systems security problem? Are pigeons a “pathology of the social”? Etc.

Here is an interesting piece on infrastructure repair and maintenance by Stephen Graham and Nigel Thrift.

ABSTRACT: This article seeks to demonstrate the centrality of maintenance and repair to an understanding of modern societies and, particularly, cities. Arguing that repair and maintenance activities present a kind of ‘missing link’ in social theory, which is usually overlooked or forgotten, the article begins by recalling Heidegger’s concept of material things as being ‘ready to hand’. The main elements of practices of repair and maintenance are then elaborated on so as to help establish the argument that, by focusing on failure and breakdown in technical artefacts and systems, their vital contribution can be brought to the fore. The article then moves on to suggest that prevailing cultural constructions, and imaginations, of the ‘infrastructure’ that sustains modern societies, actively work to push repair and maintenance activities beyond the attention of social science. To exemplify these arguments, the article explores in detail some of the repair and maintenance activities that sustain, first, the nexus between computer communications and electricity and, second, the system of automobility. The article concludes by excavating a politics of repair and maintenance in modern cities and societies.