Public domain images from J.J. Thomas, Illustrated Annual Register of Rural Affairs for 1876-7-8, Luther Tucker & Son (1878) scanned by Google Books from Ohio State University Library

Basic CyberSecurity

Public domain image of fence from J.J. Thomas,
Illustrated Annual Register of Rural Affairs for 1876-7-8,
Luther Tucker & Son (1878) scanned by Google Books
from Ohio State University Library
Some former Obama Administration folks have asked for advice on what do to re: cybersecurity now that they are using non-government equipment. Since we each have a different threat model and different setups that advice should be very different, person to person. BUT, for the folks I know, no matter who you are, or what setup you have, start with:

1) Use two factor authentication. the Electronic Frontier Foundation (EFF) has handy guides to turning it on at many major services. If yours isn't listed, check this two factor resource maintained by Josh Davis.
2) Use a password manager so that using unique, hard to guess passwords is easier than using bad ones. Also use the password manager to store your fake answers to those insecure security questions, such as "what is your mother's maiden name?" EFF has a great video about password managers suggestions and Wirecutter has some suggestions about which one to use.
3) Keep your operating system and applications updated. If you are no longer using an application, consider deleting it.

The three steps above are relatively simple to do and shouldn't take more than a half hour to set up. There is no excuse for NOT doing them. They will save you from many, many, many, many types of attacks and heartache.

Public domain image of barbed wire fence from
.J. Thomas, Illustrated Annual Register of Rural Affairs
for 1876-7-8
, Luther Tucker & Son (1878) scanned
by Google Books from Ohio State University Library
One additional thing I suggest, particularly if you are involved in anything sensitive, is to think about what information about you is accessible by others, such as your friends, the places you work, and the providers of the services you use. Threats may get information from those sources, instead of you.

For more information, please take a look at the EFF's excellent Surveillance Self Defense guide (which is labelled surveillance but could really be labelled "privacy" or "security").

And, if your threat model includes the government getting access to your devices at a protest or as you cross the border, there are some other important things to consider.


Photo by Doc Searls, CC BY-SA

Alexander Macgillivray, also known as "amac," is curious about many things including ethics, law, policy, government, decision making, the Internet, algorithms, social justice, access to information, coding, and the intersection of all of those.

He worked on the Biden transition team and administration, and was part of the founding team at the Trust & Safety Professional Association and Alloy.us. He was also a proud board member at Data & Society and Creative Commons, and an advisor to the Mozilla Tech Policy Fellows

He was Twitter's General Counsel, and head of Corporate Development, Public Policy, Communications, and Trust & Safety. Before that he was Deputy General Counsel at Google and created the Product Counsel team. He has served on the board of the Campaign for the Female Education (CAMFED) USA, was one of the early Berkman Klein Center folks, was certified as a First Grade Teacher by the State of New Jersey, and studied Reasoning & Decision Making as an undergraduate.

For more about what he is proudest of during his last few jobs see:
For a more resume-like experience, check out his LinkedIn.

Photo by Yash Mori, White House Photographer

Not Working in the Trump Administration

I was asked by a reporter recently about whether I would have continued on in my job as part of the Trump Administration. I said no and for me it was not a difficult choice. I wanted to elaborate a bit on that here in case useful to others.

First though:

a) I have friends who made a different choice. Everyone's situation is different, everyone's potential job within an administration is different, and we all have our own ways of thinking about this issue. I believe that thinking about the moral and ethical implications of one’s work is important, as do all of the people that I have talked with who are staying. I would like to see more folks think about those implications, both in government and outside of government.

b) I am strongly supportive of the various indications I have heard about this Administration’s continuation of the Obama Administration’s agenda to improve government services by improving federal tech, and am optimistic about what might be done in that space with the support of the strong group of people who have offered to stay. The office of the U.S. Chief Technology Officer, the U.S. Digital Service, the Tech Transformation Service (including 18F, the Presidential Innovation Fellows, and many other parts), the agency Digital Services teams, the offices of the Chief Information Officer (CIO), Chief Information Security Officer, Director of White House IT, agency CIOs, and the rest of the digital family in government still have a ton of work to do to make government more efficient and effective on behalf of all of us. I believe in a functioning government that is effective at delivering services for people. A thriving government digital family is essential for those efforts. And, that work has been supported by Republicans and Democrats. It was hugely supported by President Obama and there are indications that President Trump’s team is also supportive.

N.B. I feel the opposite way about President Trump’s tech policy agenda, see e.g. the rumblings about Net Neutrality.
c) I am fortunate to have many privileges others do not, including the privilege to choose where and with whom I work. Those are real privileges that not everyone has. I was born lucky and got to go to excellent schools and jobs over time, which led to connections, additional privileges, and more. I am white and male. Being able to make the decision not to take a job is a privilege that is unevenly distributed. Furthermore, in talking with some career civil servants, some feel the very idea of getting to choose which administration to work for is a form of spoiled entitlement.  There are people who have been quietly serving on behalf of the American people for 40 years. People who have made life better for Americans under Presidents that they disagreed with. These are many of the folks who were critical in explaining government to me and helping me use its tools during my tenure. If our entire civil service turned over every time the Presidency changed, our government would function significantly worse, if at all.

d) It is also unclear to me how much of an administration's policies people should consider when trying to ethically evaluate being a part of an administration. Clearly, I shouldn't be involved in something I believe to be ethically wrong. To what extent am I also responsible for what the other ~2.5 million government employees do? What about the President?

Anyhow, all of the above is just to reiterate that there are many reasons others have to choose to stay. I respect and thank those that have stayed. They have important work to do, and I admire them for doing it. But it is not the right decision for me.

I told the reporter I would not continue on as Deputy U.S. CTO  for a constellation of reasons.

1) First and foremost, my job as Deputy U.S. CTO was very connected to the President's agenda. That is one of the reasons people in those types of jobs historically tender their resignations before inauguration. It does not make much sense for the President's inner circle and the circles around them to be actively opposed to the core of the President's agenda. I strongly disagree with large swaths of President Trump's agenda (at least as far as I understand it).

2) I believe I can contribute to protecting the values I care about from President Trump’s agenda (see point (c) about privileges above). I think protecting those values is important, and I think I can do that more effectively outside of the federal government. These decisions about where to work and what to do are inherently political in part because of the opportunity cost of whatever decision one makes. Working in the office of the U.S. CTO is an incredible opportunity but comes at a cost of not being able to do other things.

3) I had the opportunity to serve in an incredible job for over two years. I tried to do as much as I could during that time. There is a lot more to do, even in areas of bipartisan agreement. I believe in fresh legs and the advantage of having new perspectives and energy on those issues.

4) My work-life balance hasn't always been great. It was time for more life in that balance.

These thoughts are a bit raw and draft but hopefully they can be helpful to others as they make their own decisions.