OPINION: PET campaign is troubling – Research should be freely disseminated, not protected

Three AU researchers find the latest campaign by PET on “research security” quite troubling, and are also disappointed in seeing that it has received significant support among those with a position of leadership at Danish universities.

One of the PET campaign messages, displayed at a bus stop on Nørrebrogade near Aarhus University. From above: Professor Claudio Orlandi, associate professor Diego Aranha and professor Ivan Bjerre Damgård. Foto: Omnibus & private

This is an opinion piece. The views expressed, are those of the authors.

We are a group of faculty members from the “Cryptography and Security Group” of the Department of Computer Science at Aarhus University. We believe that our profession made us develop a generally “security oriented” mindset (or “paranoid” if you prefer). Despite this, we find the latest campaign by PET on “research security” quite troubling, and we are also disappointed in seeing that it has received significant support among those with a position of leadership at Danish universities. 

While we do not have any reason to doubt that PET is correct in their assessment of a persistent threat against Danish universities, we believe that the campaign and the measures it will lead to are somehow off the mark.

Research should be freely disseminated, not protected

The PET campaign suggests that we should protect our knowledge and research from falling into wrong hands. While this notion might appear reasonable to those unfamiliar with research practices, it starkly contradicts the fundamental principle of “Open Access”, stating that all research should be freely disseminated and made accessible to the general public.

Furthermore, as researchers, we bear a global responsibility to contribute to making the world a better place, not just our own backyards. For instance, our research focuses on cryptographic methods aimed at safeguarding communication, personal data, and other sensitive information. Such technologies play a crucial role in countering threats like mass surveillance and censorship, particularly against authoritarian regimes where these threats are much more relevant than in our country. Therefore, we truly hope that our research will find its way beyond Danish borders, reaching regions where its impact is most crucial.

There is a difference between “research” and “infrastructures” 

In the report “Er jeres forskning i fare?” PET mentions three instances of espionage at Scandinavian universities. From what we can tell, none of these episodes involves “research” per se, rather leaking of otherwise sensitive information and unauthorized access to university infrastructures. We use the term “infrastructures” broadly: depending on the research field, this could entail IT systems containing personal data, dangerous chemicals, lab equipment, etc. The solution to this isn’t to limit collaboration with foreign researchers, but to implement better security policies and access control at our universities. Regrettably, as a consequence to years of cuts to administrative support, a significant number of researchers today are compelled to use “back end” systems filled with sensitive information, thus increasing the attack surface.

PET should do their job, universities theirs

We are concerned that the PET campaign will result in additional screening steps when hiring researchers from specific countries. For instance, as PhD advisors we might in the future be asked not only to evaluate the academic credentials of a candidate PhD student, but also to assess the perceived threat they may pose if hired.

We are truly grateful for the work that PET does everyday in identifying and preventing threats to the Danish national security, and we believe that this responsibility should remain with them, rather than being delegated to universities and researchers. We do not believe that we have the resources nor the competences to correctly evaluate these threats. Outsourcing this task to universities risks creating an environment where supervisors, in an attempt to err on the side of caution, may unjustly discriminate against candidates from certain countries without valid cause. It's worth noting that such screening policies would not have prevented the espionage case in Norway, where the perpetrator held a nationality distinct from the country they were serving.

People leave undemocratic countries for a reason!

Throughout our research careers we’ve had the privilege to work with many talented researchers from a multitude of countries, including those that PET deems dangerous. Many of these individuals have left their home countries looking for opportunities in Denmark or other democratic nations, driven by a deep dissatisfaction with their own governments. Often, their decisions are also motivated by personal experiences, such as women escaping oppressive regimes or individuals seeking refuge from discrimination against minorities like the LGBT community. Even the academics who remained in their home countries often stand at the forefront of progressive movements within their societies. Collaborating with them might as well be one of the best tools we have in supporting their struggle and the positive change they seek to bring to their societies.