Edward Felten, the Robert E. Kahn Professor of Computer Science and Public Affairs, recently returned to Princeton as the director of the Center for Information Technology Policy. Felten, who studies the intersection of public policy and information technology, served as a technology adviser at the Federal Trade Commission and the White House during portions of the Obama administration. Felten participated at the Princeton-Fung Global Forum in Berlin on liberty and the digital age in March. He spoke about his experience working for the U.S. government in a recent interview.
Ed Felten has spent decades exposing glaring weaknesses in the computer systems that run modern society. He provided key testimony challenging Microsoft's early dominance of internet browsing, battled the recording industry over its attempt at creating digital copyright controls, and fought voting machine companies over security and transparency.
A few years ago, Felten took his expertise inside the government, accepting a post at the Federal Trade Commission. After a return to Princeton, he followed with a tour of duty inside the White House. Felten said the work was often difficult, frequently stressful and always rewarding. More than anything, it drove home the critical role that technology plays in public policy — and the urgent need for technologists to get involved.
One of Felten's messages is that technologists can, and have, made concrete improvements in government operations. He tells a little-known story of a team of engineers who rebuilt the Healthcare.gov website after its problematic launch. The engineers did not stop there: they moved on to shore up and rebuild systems from Veterans Affairs, the Defense Department and a range of other agencies. The work was possible because top industry engineers were willing to take short-term government positions because they felt they could make a difference — and they did.
"Computer scientists need to develop a culture of government service," Felten said. "I think it should be evident right now that it is not the best thing for our field, or for society, to sit back."
Felten said society is facing significant, rapid changes from developments ranging from self-driving cars to artificial intelligence. If society is going to adapt to these developments and avoid disruption, technical experts must play a central role.
"If our community of scientists and engineers doesn't show up and participate in the process, the decisions are still going to get made but they will get made without the full input they need," Felten said. "It is very important to show up."
As deputy chief technology officer, where did you fit in?
Within the CTO's [chief technology officer's] office we all provided policy advice related to information technology, in one form or another, or related topics around technical innovation. And because there is so much subject matter to cover, and so many things going on within the government, we tended to split up the workload. But there were not hard and fast lines on who did what.
I came in with some expertise in cybersecurity, and with more depth of expertise in some areas of computer science than some of the others had. And so I tended to work on those things where I had more background or expertise, and they would work on ones where they had more background or expertise. And some of it is just based on who has free time, or needs to do something. We all worked on a very broad range of things, because there's a lot of territory to cover with just a few people.
What was the atmosphere?
It's very tight quarters there. … In our office we had some who'd come from industry, we had some who'd come from academia, some who had come from other government agencies. Most of the seats in our office were filled by people who were on a tour-of-duty model, people who had backgrounds all over the place, and were coming in to spend a couple of years working in the White House.
The work is pretty much nonstop. And when you're not there you're at least on call a lot of the time. I once did the thing where I landed at the airport and ran through the airport and jumped in a cab and said, take me to the White House.
What was that about?
That was national-security related.
Can you describe some of the more public issues you handled?
Probably the thing I spent the most time on was artificial intelligence and machine learning. The administration started an initiative on AI and machine learning while I was there, and I was the quarterback for that. And that involved holding a series of public workshops and conferences, doing a bunch of briefings of officials in the White House and across the government, and setting up an interagency group to coordinate across the government. And then doing a couple of big public reports on artificial intelligence that we published in the fall of 2016. [The reports are no longer available at the main White House website; they can be viewed here.] So that was one of my work streams.
I did work on cybersecurity, both big-picture policy questions, but also dealing with specific events. And I spent probably less time working on cybersecurity than I would have guessed going in. Probably because I don't think I fully appreciated how many other things there were that would demand my time.
The Office of Personnel Management [OPM] data breach was discovered around the time I arrived at the White House. This was a break-in to the office that keeps personnel records and security clearance records for most of the government. And they had a big data breach in the spring of 2015. And so just about when I arrived was when the government was starting to react to that breach. And so issues of data breaches and cyberattacks against the U.S. government and against infrastructures and so on, they were front-of-mind through the whole time I was there.
The OPM breach was discussed a lot, and there were different aspects to responding to it. One was specifically, what do we do about this particular data, what does the government need to do to help or protect the people whose data was specifically leaked, and that included a lot of people who worked in the government at the time. And then there was the question of what should be done longer term to try to get the government onto a better posture in terms of cybersecurity. And I also worked on that, and that led to something called the Cybersecurity National Action Plan that ended up getting announced in February of 2016. And the president rolled that out in mid-February 2016.
Are you happy with how the issue was resolved? Are there still problems to be addressed?
The action plan that came out as a result of all of this had many different lines of work in it. And they're useful and valuable, but they're not going to put us into a position where we can stop worrying about this issue. On cybersecurity we're going to continue to need to up our game, and we're not yet to where we need to be. And there are both some fundamental long-term issues that the research community is working on, and needs to keep working on, as well as some things that we can do in terms of better management and better practices, both within the government and across the whole technology ecosystem.
How much of it is a question of complexity? You can secure the energy department, but if it has a computer that connects to a less secure agency, you have a new problem.
Right. So, the government has about 4 and 1/2 million employees overall, and roughly half of those are in the Department of Defense. But more than 2 million are outside DOD, so that's a lot of people, and many different offices, many different missions, and separate management. One of the lessons, I think, is that we would benefit from having more unified management of certain aspects of IT [information technology] across the government.
There are systems that never seem to work, or that never get finished. How does that happen?
It's complicated. And some of it has to do with too much division of responsibility between different parties, some of it has to do with over-reliance on outside contractors, and too much fragmentation of the work that contractors are doing. So you have a situation where nobody is quite in charge, in the right way. But things can get turned around quickly.
One of the high-profile stories of government IT, which happened before I arrived but was fresh in everybody's mind, is the HealthCare.gov website. … I worked with some of the people who had been involved in it. And in some ways it was a typical story of a government IT project gone wrong.
But what was kind of remarkable was that after the system had such a terrible debut, they brought in a relatively small team of great engineers. And just as importantly, there were changes made to empower the tech people who were already in the government, who had been trying to work on these problems. And they were able to turn the system around, technically, in a relatively short period of time, in just a few months.
That is a less-known part of the story.
More interesting is the story of what happened afterward — so they brought in this team and they worked incredibly hard for a few months, and got the Healthcare.gov site onto a firmer footing. And after that the leadership did something that I think was really smart. They said, this was great bringing in this tech surge, but what we need to do is two things. We need to have more people like this, so we can surge on more than one thing at a time, we can have multiple teams, number one. And number two that we need to be able to send people in before the system is in big trouble.
And so this led to the birth of a group called the U.S. Digital Service, which was really born out of the HealthCare.gov rescue effort. And USDS eventually grew to more than 200 people, and they had teams working in quite a few agencies around the government. I thought of them as the tech special forces, that they would get sent in in small teams to work on the most difficult, highest-profile technical things that were going on. So as an example, a team got sent to the VA to try to untangle the processing of veterans' health claims. Something where the backlog of claims processing had grown to a really scandalous level.
Well, the backlog did come down and down and down. But it took a lot of work. And not only did it take a technical effort to automate things, but also a lot of breaking of bureaucratic logjams just to simplify the process. … But it turns out that if you can sell people on the mission that they'll be working on, and convince them that they will be able to move the needle in getting that mission done on behalf of whoever the population of Americans is that they're helping, that you can.
To return to the artificial intelligence reports — what was the purpose of effort?
There were several things that motivated the reports. One, AI was getting such attention in industry. Companies like Google and IBM were saying, and are still saying, that AI was the most important subject they are working on. So the intense interest from industry was driving it. Two, people from the technical community were talking about the advances in AI that were happening in the lab, tasks that 15 or 20 years ago were considered to be far in the future that AI could now do. Tasks like image recognition, which for years had been notoriously difficult: Now machines were often on a par with humans. Language translation and self-driving cars are other examples.
Then there were long-term concerns about AI raised by people including Steven Hawking and Elon Musk. The idea that one day we might make a machine of superhuman intelligence and lose control of our destiny. There had been a bunch of public talk about that, and that motivates government taking a look. This was people reading things and hearing things and this idea being in the air and an institutional sense that we need to look into this.
All of those things led to the idea that we, the government, should look into these things and better understand how AI affects the missions of government. To crystallize everything we had learned about AI and to focus specifically on issues that were important to public policy.
The work resulted in two comprehensive reports; what was the conclusion?
The general conclusion was that AI really is as important and transformative as many people say. AI is up there with the internet and mobile computing as a major transformative technology. There has been work on AI arguably going back to the '40s, but it had been slow going. Around 2010, there seems to have been an acceleration as a result of a combination of big data sets, faster computers and also improvements in AI algorithms. Some people in the field have the sense that a critical mass occurred that allowed the field to surge forward and that led to an increase in attention and research and development.
Much of the impact is still to come. It is not a mature technology by any means. It is emerging as a new technology and it will be some years before we see what the full impact will be.
Do you expect to continue the work at Princeton?
I expect to do more work about artificial intelligence and policy. We have a strong and growing AI group here at Princeton, and I hope to collaborate with them on the more policy-related questions: how to ensure that when AI is used to make decisions about people that accountability and fairness are protected; the likely impact of AI on the economy and on jobs.
We can always improve, but I think Princeton is in a good position to work on these issues because the University is very strong in all of the relevant disciplines, and we have a history of working effectively across these boundaries. There is a growing community of people from both technical and policy backgrounds working to build bridges and ensure that technical thinking is built into policy and that designers of new technology think about the policy implications. One of the main things I did in government, and I am trying to do at Princeton, is to increase that dialogue.