A Career in Technology Policy: How to Get Started and What to Expect

/ Christopher Parsons
Photo by Markus Winkler on Pexels.com

Interest in technology policy has grown significantly in recent years. As governments, regulators, civil society organizations, companies, and research institutions grapple with the social, legal, and political implications of digital systems, more students and early-career professionals are trying to figure out how to enter the field and what working in the field entails. That interest is encouraging, but based on my regular discussions with entrants into the space, it’s evidently a somewhat opaque field.

In this post, I try to offer some practical experiences and thoughts on what technology policy is and how to break into the space. I begin by explaining how my own educational and professional background have informed my entry into technology policy, and how technology policy differs from more general policy work. I then turn to questions about entering the field, including useful early entry points, the skills that I think matter most, and how technically fluent you need to be to work in this space. From there, I discuss what the work often looks like in practice and offer some reflections on career progression, including the shift from individual-contributor work into management. I conclude by providing some materials that people can explore to strengthen their ability to enter the technology policy space as individual contributors.

As a note at the top: my suggestions here are all based on my own experiences and in line with my own interests in digital privacy, cybersecurity, data security, national security, and the various associated topics I’ve written about over the past 20 years. It’s also reflective of my own career development and experiences. While I’ve tried to be general enough for the advice to be broadly helpful to people who are looking to come into the field of technology policy, my advice may be inclined towards my own professional interests in some places (and in particular with regards to recommended sources at the end of the post).

1. Orientation to the Field

1.1 How has your educational background informed your entry into the technology policy field?

I have a strong background in philosophy which undergirds why I think that it’s essential that the technological systems we rely on are secure, enable private communications, and do not enable or exhibit undue coercion upon their users. Throughout my undergrad and my master’s degrees I also did some work in information technology, which further exposed me to technology on a very hands-on and practical level and gave me a sense of both how powerful networked systems are when they function well, and how frequently they fail in ways that are harmful yet invisible to most users.

I learned a number of key skills throughout my academic training that continue to serve me well. First, my background in philosophy often lets me argue for the value and importance of private and secure systems from first principles. This helps when I’m talking about a particular issue and also in grounding my assessments of new systems or technologies. This includes assessments of how they may establish or reinforce inequitable social or political structures.

More broadly, I learned how to read quickly and deeply, how to form questions that lead to productive analyses, and how to apply fair critique of other arguments. Some of my best classes at the graduate level focused on how to give verbal presentations; these included learning the difference between delivering a spoken versus written argument, as well as the ability to lengthen or truncate a verbal summary of a topic with little or no warning. These are not ancillary skills or purely ‘soft’ skills because, in my experience, technology policy work involves moving between written analysis and spoken briefings under variable time constraints.

I will say that for me, personally, the most useful courses that I took in terms of having direct applicability to what I do today were around formal understandings of policy processes. I rely heavily on agenda-setting literature to strategize policy interventions. Having a good theoretical understanding of how policy groups form (and oppose and support one another), how problems and solutions and policy windows arise and can be exploited or denied, and ways in which policy actors can coordinate (or not) with one another has provided me with a theoretical framework for understanding policy processes.1

Aside from my formal academic work, I also spent a great deal of time working in public. I’ve run a blog for almost 20 years at this point (though it’s gone quiet since joining the Office of the Privacy Commissioner of Ontario) and, through it, I assessed various technologies, policies, and pieces of legislation in an open forum. This forced me to get used to writing for diverse public audiences, and served to introduce me to a range of my professional contacts and colleagues. It also helped to advance the consulting work I’ve done in the past as well as secure sought-after academic positions because employers and supervisors alike knew of me and my work through my writing before we’d ever met in person. In practice, this meant that my work was often evaluated before I was.

I can’t emphasize the value in putting your work out there when you’re starting out. Few employers are really looking for your positions to be perfectly aligned with their own, but it’s rare that someone is focused on a policy area and writes about it at length without financial compensation. If you’re doing that, then you’re almost certainly going to stand out amongst a group of applicants for a technology policy role.

I appreciate that writing online can sometimes expose you to people who attempt to harass you or otherwise behave inappropriately. It’s a real problem and I don’t want to diminish it, but finding an outlet (even if under a pseudonym that you selectively reveal to people) can help strengthen your communication and analysis skills. The goal is not just visibility for its own sake, but developing a sustained practice of articulating and defending technologically-informed policy positions or ideas to a non-specialist audience.

1.2 How does technology policy differ from more general policy work?

Technology policy is unique because it persistently considers the ways in which a given technology intersects with a policy issue. A policy analyst, by way of contrast, may come to technology as a secondary element of whatever they’re examining.

Put slightly differently, a technology policy advisor should have a greater degree of technical acumen concerning those systems or technologies that are at play, and also (often) have a view of a policy area that is a little more extensive than is otherwise typical. The distinction is not that technology policy is just “more technical,” but that technical understanding is often the starting point for policy analysis rather than a supporting input. Let me explain by way of example.

Years ago when I was looking at Automatic Licence Plate Recognition (ALPR) systems with a group of colleagues, our first angle of assessment was “How do these technologies work? How efficacious are the computer vision systems that are being used? What are the statistical implications of the system correctly reading license plates 80-90% of the time?” From that technical understanding of the system, we assessed (and critiqued) the policy work that had been undertaken by the police force in question and argued that the ways in which the technology operated meant that the assessments of how the ALPR systems impacted Canadians’ privacy were incorrect. In other words, the policy conclusions were only as sound as the technical assumptions that underpinned them.

Could a policy advisor have reached a similar conclusion? Yes, they probably could, but only if they possessed or were working with people with technical knowledge of computer vision systems and Bayesian statistics, which were key to our analysis. Absent that, there was a risk (and in practice a reality) that the organization using the ALPR system would accept vendor claims or institutional assumptions at face value.

In my experience, most technology policy work has to be interdisciplinary. Most of us operate somewhere within a triangle of technical expertise, law, and policy or politics. Different technologists lean toward different parts of the triangle and will have different sub-specializations (e.g., health technologies, educational technologies, cybersecurity, AI systems, etc.) but are almost always situated somewhere within that triangle.

Also, most people doing technology policy work have a strong baseline understanding of certain concepts that broadly apply across most policy domains. These days that often means:

  • a core understanding of how certain modes of encryption work.
  • how AI systems operate and the implications for privacy and cybersecurity and equity (and, especially, the differences between different kinds of AI technologies and their applications).
  • a baseline understanding of applying the CIA principles to an information technology system.
  • a baseline understanding of how networking technologies operate and interoperate.
  • some understanding of how privacy enhancing technologies operate and when they are (or are not) appropriate mechanisms to protect information while enabling computational processes.
  • in your jurisdiction, some awareness of the keystone laws, legal decisions, or regulations that apply in the domains that you’re interested in. My career has often been focused on privacy- and cybersecurity-related items, but you might be focused on other areas including human rights, competition law, LGBTQ+ rights, gender equity policies and laws, or Indigenous rights, to name just a few.
  • a broad understanding of how different nations are approaching or regulating major technology issues. This will never be comprehensive due to the volume of activity internationally, but a baseline contemporaneous understanding will help in understanding possible policy options that are (or are not) on the table at any given moment. The expectation is rarely mastery across all areas but, instead, sufficient fluency to assess claims and identify when deeper expertise is required.

1.3 In Summary:

  • Educational and professional backgrounds can shape technology policy work in complementary ways.
  • The field rewards both normative reasoning and practical technical understanding.
  • Public writing can sharpen analysis, build credibility, and expand professional networks.
  • Technology policy differs from general policy work because technical realities often drive the policy analysis.
  • The work is inherently interdisciplinary and rewards broad fluency over universal mastery.

2. Entering the Field

2.1 What are some good entry points into technology policy, cybersecurity, or privacy for students and early-career professionals?

I think that you often have an underappreciated superpower as a student: you have time to read, to write, and to think. I know that things are busy with schoolwork, your professional activities, and any extracurriculars you may be participating in. But you really do have more time (and frankly more energy) than you’re likely to have when you’re in the workforce. So, during this time: read, read, read, and write, write, write. Get used to explaining new concepts to yourself and to a more general audience who may lack specialist knowledge. As a technologist, a core feature of your career is translating between different specialists who have more extensive domain expertise in law, technology, or policy/politics.

I’m biased but I really do think that a strong way of building your core competencies is to get a good degree in either the liberal arts or social sciences, while also either learning on your own or through coursework about technical subjects. This might mean getting a sub-specialization in computer science or engineering, legal studies, or other areas where you’re going to pick up useful skills going forward. The key thing here is less about acquiring job-specific knowledge and instead building the intellectual infrastructure so that you can quickly learn a new area of technology.

Aside from taking the time to read and write outside of just your coursework, I think that it can be very helpful to attend various free public events, conferences, or webinars to learn more about what people in your field are talking about. This will let you tap into the realities of the contemporary job market, and what you’re likely going to be expected to either know a bit about or quickly learn when you’re on the job.

You should also reach out and seek informational interviews with people who hold roles that you’re interested in. Generally these will be early and mid-career individual contributors but may also include early- or mid-career managers to learn about what they think is important in the market at any given moment. These conversations are often less about asking for opportunities and more about calibrating your understanding of the field.

2.2 What are some key tips for breaking into this field?

From my perspective, I can’t stress enough the value in reading and writing, and publishing your work and analysis in a public forum. If you’re in a technology policy role then most of your job is going to involve those skills and you need to practice them. And if you’re writing about a subject that you think might be of interest to a potential employer, to a regulator, to a politician, or another interested party…then just share your work with them. This rarely happens and can be a good way to start a relationship with people or organizations, which may pay off in the longer term. The act of sharing your work is often more important than the immediate response.

Attending conferences or webinars is good…but you also ideally want to ask a question or two as well. Most people go to conferences but don’t say a word. You’re going to stand out if you pose a few well-considered questions. And if it’s in person, go up to the presenters after the panel and thank them, or email them if it’s a virtual webinar. You don’t need to say much but even expressing your appreciation (and potentially sharing a business card that has your website or LinkedIn profile) can set you apart. It’s pretty common for professionals to talk amongst themselves, out of your earshot, and so while the person you speak to at a conference may not have a role for you, one of their colleagues might.

While it’s common to attend conferences you can also see about working with your faculty or professional network to host your own webinars, and then invite the speakers that you’re interested in getting to know. If you’re successful, you’re already giving back to the broader community and building your relationship with potential peers who you invite onto the panels that you run. This shifts you from being a participant in the field to someone helping to convene it.

Moreover, depending on your inclinations and expertise, you can also consider writing op-eds or submitting comments to government hearings. In Canada, as an example, if there is an important technology policy issue that is taking place — perhaps ISED is holding sessions on AI systems or ETHI is looking at policing technologies — then consider preparing your own submission. They don’t need to be terribly long, but it is rare that individuals submit to these. However, I can guarantee that the people who are interested in that issue will, at a minimum, see your name and it’s unlikely that any of your peers will have done the same thing. Further, you’ll have shown an interest in a given topic well in excess of a social media post: you’ll have gotten into the ring and provided your opinion on a topic that you likely want to focus on in the next steps of your career.

Finally, consider how you can serve the community that you want to join. If there is a webinar that you attend, then consider writing a short summary of it and sharing it publicly, and letting the panelists and organizers know. The same applies to government committee hearings: there are fewer and fewer working journalists, and so if you’re doing the initial heavy lifting of summarizing and truncating what is happening in hearings then your work is likely to be what people read to get the TLDR. Most professionals are overwhelmed with a lot of things to read and keep on top of; if you’re reducing the work on their plate then you’re likely going to stand out amongst your peers while simultaneously building your own expertise.

2.3 What skills matter most early on: writing, research, technical fluency, policy judgment, or networking?

I’m biased on this but I really think that clear writing is essential, and should be combined with an ability to quickly undertake sufficient technical research to speak knowledgeably about a given subject and its potential policy implications. Most technologists are generalists; we know a bunch about a lot of different things, and then quickly up-skill on an as-needed basis. The key is not exhaustive knowledge, but knowing how to get to a defensible understanding quickly.

Your policy judgement is, frankly, something that develops with time and experience. Over time you will gain an appreciation for the nuances of different arguments or positions, and there are a range of different positions that you might take. Not all technologists agree, for example, on how to combat online harms, what costs are acceptable in making the internet “safe”, the economics that underlie protecting people online, or whether the solutions are linked to regulation, law reform, changes to baseline competition theory, or encouraging modifications of the technologies themselves through soft law (as just a few differences).

As you develop your knowledge of the areas that matter the most to you, this will help you figure out who to network with. Are you interested in joining a government agency, a regulator, a business association, civil society group, or consultancy? You’ll probably only really start to understand the answer to this question as you get involved in a policy area, explore the different actors, their positions and behaviours, and which ones resonate both with your values and your perception of policy problems and solutions. In this sense, networking is often an output of substantive engagement rather than a separate activity.

2.4 How technical do you actually need to be to work credibly in this field?

To first land your role you want to have a core underlying foundation of how baseline technologies work and, ideally, have begun your specialization concerning a few technical areas that most interest you. You aren’t going to be an engineer or a computer scientist — and so you can’t necessarily build or repair a given technical system — but you should know enough that you can have a reasonable (if perhaps basic) conversation with people doing engineering or development work. The goal is really one of fluency as opposed to expert-level depth.

How might this manifest? Let’s say that you’re interested in the issue of content control online, and whether it should be controlled at the operating system, application, or network level. You’d want to be familiar with basic aspects of computer networking and the network stack, the ways in which they interoperate, and the high-level ways in which content controls might be applied and what this means for surrounding technologies. If you control content at the operating system level, how might these controls be used to advance other policy issues, or if this were done at the application or network level? What actors would be most involved in any of these approaches and why might they hold similar or different positions? How would you predict they’d react to different policy options and where are the protests genuine?

If you have an opportunity to work even doing baseline IT helpdesk roles, or building websites or other “simple” infrastructure or systems, or really testing AI models, then I’d encourage you to do so. Even if you’re volunteering or doing stuff on your own. The actual practice of handling technologies and experiencing what it’s like to operate, or repair, or develop them will teach you volumes that are unlikely to ever be communicated in a classroom setting and almost certainly not when reading academic literature. Even limited hands-on exposure tends to help you think through issues or questions of feasibility, risk, or implementation when evaluating a technology solution that might be linked to a policy issue.

2.5 In Summary:

  • Early-career people should consider using their spare time to read, write, and build analytical habits.
  • Entry into the field often comes through sustained engagements rather than a single formal pathway.
  • Clear writing, quick research, and technical fluency matter more early on than polished policy judgment.
  • Networking tends to be most effective when it grows out of substantive engagement.
  • Hands-on technical exposure can improve policy analysis by grounding it in operational reality.

3. What the Work Looks Like

3.1 What is a regular day-to-day life of a technology policy advisor?

It’s a lot of reading, writing, and (as you’re able) learning about the activities that are occurring in the policy space that you’re working within. Whether you’re working for government, a larger company, an industry association, civil society group, or think tank affects the more specific day-to-day, largely because of different organizational goals and resourcing. The common core is fairly stable; what changes is pace, process, and the kinds of outputs that you may be expected to produce. In practice, this means that you’re often moving between reading source materials, drafting or revising documents, and participating in meetings where that work is discussed or redirected.

If you’re in the government you’ll likely be assigned to producing a lot of briefing notes and undertaking early policy work, ideally under the mentorship of a more senior member of the bureaucracy. Consistency and accuracy are going to be particularly prized, even when this comes at the cost of speed. Larger companies may move more quickly but still often have a larger bureaucracy which comes with an inherent drag on speed. In both cases, part of the work is not just producing analysis, but producing it in forms that can move through the organization. Further, your work is rarely “one and done”; it tends to move through multiple rounds of review, comments, and revision before being finalized.

Industry associations, civil society groups, and think tanks all tend to move a lot faster than other organizations. They are often under funding pressures which require a higher rate of delivery, often under significant time pressures and with certain knowledge deficits, and are regularly focused on achieving particular objectives.2 That speed (and potentially real-world impact) can be exciting, but it also means that you’re regularly expected to get up to speed quickly and produce useful work with incomplete information. You may find yourself shifting quickly between topics which often means having less time to fully master one before moving to the next.

Depending on the role that you have, you may also be supporting more senior colleagues in preparing talks, organizing panels, preparing draft emails, taking notes in meetings, or other kinds of administrative work. A hidden secret is the more unglamorous work you take on, the more you’re likely to learn while simultaneously ingratiating yourself to your more senior colleagues. Much of this work gives you exposure to how decisions are actually made, what senior people worry about, and how organizations communicate.

3.2 What kinds of materials do you read as an individual contributor? What changes, if anything, when entering a management or director role?

When I was at an academic think tank I read a lot of books along with breaking news, publications from trade journals, and specialist texts. I wasn’t publishing extensively in academic journals and so my focus wasn’t so much on academic papers — frankly, only select journals were of immediate use in developing new policy ideas and few provided me with up to date knowledge of different technologies. Some policy journals and law journals were most useful for my own work, though this can vary based on your preferred specialization. This isn’t to suggest that academic work is without value, but rather that it’s often not the most operationally relevant source for the work I was doing. However, outside of pretty rarified jobs you won’t have access to any closed source journals once you have your first policy job outside the university, which renders the value (or lack thereof) of academic work somewhat moot.

Personally, I have cultivated a set of publications that I still check in on each day. Rather than rely on visiting websites, however, I use an RSS reader to bring publications to me. This saves a lot of time and creates a kind of ‘set it and leave it’ approach to obtaining relevant news and information.3 In practical terms, this lets me maintain a baseline awareness of multiple policy areas without having to constantly decide what to check.

I would regularly do deep dives when taking on a new project or exploring a new technology policy issue. This meant that if I was, as an example, doing research on government use of malware then I would comprehensively start to review relevant policy literatures, materials from think tanks, blogs and news articles, and would review public-facing webinars that had been posted online about the topic. This is an example of maintaining a baseline understanding of core technologies and their associated policy issues and subsequently going deep (enough) when I took on a new project area. That baseline-plus-deep-dive model is still how I think about staying current.

In my current role, and frankly before I left my last one, I spent time reading Harvard Business Review to understand different challenges that face leaders and managers, and ways of trying to overcome them. I also subscribe to a range of podcasts that cover leadership and management topics,4 in addition to attending courses that my employer sends me on.

Perhaps the biggest change in shifting from an individual contributor to a leadership role is that my time at work to read and keep on top of specific topics has plummeted. With less time available through the day I try to be strategic in what I do read, with much of my reading now occurring after hours or on vacation. That is one of the less obvious trade-offs of moving into management: your need to stay informed broadens at the same time that your available time narrows.

While I’ve led teams for a long time, assuming a formal managerial role led to changes in my professional activities and expectations. Centrally, I was responsible for overseeing and managing work, as opposed to being the person who led the work. This meant assigning work and setting expectations, assessing the work that members of my teams were providing and offering feedback, and taking on a whole host of administrative activities that consume an inordinate amount of time. The shift is not just in what you do, but how your time is allocated.

For myself, leading a mixed team of hard and soft technologists (i.e., those with technical operational expertise and technology policy expertise) means that I constantly need to track the broader strokes of what is happening in technical communities so I can effectively oversee the work of my technical team members, as well as the policy landscape so I can effectively oversee my technology policy team members. Whether you need to cover off both domains (or additional or different ones) will vary based on the kind(s) of teams that you’re leading. In effect, the reading becomes less about mastering one domain yourself and more about maintaining enough awareness to supervise, support, and challenge others effectively.

3.3 In Summary

  • Day-to-day technology policy work centers on reading, writing, meetings, and iterative revision.
  • The institutional size and organization can shape pace, process, and expected outputs.
  • Different organizations often reward different working styles and tolerate different levels of uncertainty.
  • Information management is a core professional skill: maintain baseline awareness, then go deep when needed.
  • Moving into leadership broadens what you need to track even as it reduces the time available to read.

4. Career Progression from Individual Contributor to Manager/Director

4.1 How do you know whether you should stay an individual contributor or move into management?

It’s really important to say up front: you can have a tremendously positive and meaningful career remaining as an individual contributor. You will operate as a deep subject matter expert over time and, depending on where you work, will be highly valued for your depth of knowledge and expertise.

Management means different things depending on the kind of organization you’re working in, and the level of management in said organization. But a core feature is this: you shift from managing your work and outputs to other people’s work or the organization’s direction. The closer you are to working directly with individual contributors, the more subject knowledge you’ll need to retain while, at the same time, needing to let your team come to their own conclusions and adopt work processes that are almost certainly distinct from your own. It can be very, very hard to go from being an expert individual contributor to a manager because you have to accept that what people do will be different and you don’t hold a monopoly on how the work is (or should be) accomplished. For many people, this is the most difficult part of the transition.

The best time and rationale to shift from being an individual contributor to a management role is because you want to be more involved in how the organization writ large operates and functions. But know that managing a team is very different from managing yourself, and the techniques and methods you used to regulate your own work will not translate directly. How you set expectations, review work, and support your team will require significant professional growth.

In short: if you are willing to take a step back from the expert work that you’ve been involved in, and instead assume a support role of enabling your team while simultaneously managing the particularities of each person on your team, then consider a role in management. But also, if you do it for a while and decide that it’s just not right for you, that’s entirely fine: there is no sense of failure in trying a different kind of career path and deciding that it’s not for you.

4.2 What changed most when you moved from individual-contributor work into management?

A formal managerial role can also broaden your awareness of the range of activities taking place in your organization. In my current role, I have a sense of everything that my team is doing and also (in narrower or broader strokes) the activities taking place across my organization, and in surrounding organizations as well. In effect, your perspective will change and will likely help you better understand why some decisions have (or have not) been made by higher-ups in your organization. You begin to see constraints and trade-offs that are less visible from an individual contributor position.

Another major change is that, as someone in management, it’s imperative that you become increasingly attentive to what you say, when you say it, to whom, and with what tone and framing. We have all been in a situation where our boss has said or done something that either brightened our day or ruined our week or month. As someone managing other people, you are in a position to uplift people or (likely unintentionally) ruin their days. This means that communication is of heightened importance. You will make mistakes and then it’s imperative that, as a leader, you recognize and work to address those mistakes. That might mean admitting that you phrased or said something in a way you didn’t intend, that you provided feedback that ultimately wasn’t helpful, or otherwise made an error.

Real leadership involves humility and a willingness to admit your errors, while also providing a vision for the team to unite under and drive towards. That’s easy to write and read, but a lot harder than people expect to put into action. Much of management is learning this through experience rather than instruction.

4.3 In Summary

  • Individual contributor roles can support long, meaningful, and expert careers.
  • Moving into management shifts responsibility from your own outputs to other people’s work and organizational direction.
  • The hardest part of the transition is often giving up control over how work gets done.
  • Management broadens perspective but redistributes time toward coordination, feedback, and administration.
  • Leadership requires more deliberate communication, humility, and comfort with learning through mistakes.

5. A Few Recommended Materials

Technology policy is a massive space and there’s no way that I can offer recommended readings or podcasts that will comprehensively cover all of what you might pursue in your career. So take the few recommendations below (in excess of suggestions in the footnotes) as things I’d suggest if you’re looking to break into the space with a focus similar to my own on privacy, cybersecurity, and telecommunications-related matters.

  • If you’re looking for work, or to understand what Digital Rights-related policy careers can look like, then I’d strongly recommend reviewing the newsletters that are published by The BHR Group. Each newsletter also tends to have an interview with a notable figure in the field, which can provide further insights into breaking into the space.
  • Ross Anderson (2020) Security Engineering (3rd Edition): This is an extraordinary book — the second edition was immensely helpful in laying out just how broad a field security engineering is and what topics I was more (or less) interested in. Ross’ book covers the landscape in a truly impressive way and after you read this book you’ll be very well situated as a generalist in the field.
  • For written news, I’d suggest: The Register, Wired, 404 Media, Zack Whittaker’s ~this week in security~, Ars Technica, Schneier on Security, Binding Hook, Michael Geist’s blog, The Logic (if you’re looking at the Canadian policy space), and Clayton Rice K.C.’s blog. There are others that you can find and add, such as non-profits and academics and NGOs but this should provide you with a regular set of news that surfaces most major pieces of information to you.
  • For podcasts, I’d suggest: Three Buddy Problem (cybersecurity), Babbage (general interest science), Inside Cyber Diplomacy (international relations and cyber), LawBytes (Canadian tech policy), and The Cyberlaw Podcast (now defunct, but excellent back catalogue). There are other specialist podcasts that you might also listen to but these can help identify a few areas that are of more, or less, interest.
  • YouTube channels I’d recommend include: David Fraser’s Privacy Lawyer, Black Hat, DEFCON Conference, Stanford Tech Impact and Policy Center, and IBM Technology. Many of these are technically focused and even if this isn’t your strength I’d encourage you to watch them to start developing an understanding of the language, concepts, and issues that often come up in this policy space.
  • Figure out a reliable way of archiving information, ideally that is easily searched and that is available publicly, such as after you join a new employer. This is where you’ll build up your sources associated with topics of interest so that you can search for them or rediscover them long after you’ve forgotten about them. Ideally you’ll also be able to leave notes to yourself or annotations on what you’ve read. You could use a service like Zotero though personally I’d recommend Raindrop.io for its ability to annotate the web, tag content, run semantic searches, and for its archiving functionalities. Regardless of what you use it’s important to find, and settle on, a way of reliably tracking what you’re reading.

In Closing

Technology policy is a tremendously exciting area to work in. It is always changing and evolving, and you must learn constantly to even try to stay on top of things. It’s a space that is filled with novel technologies and a key challenge is often determining if those technologies require new policy interventions, applications of existing practices, or whether they present a new face to long-unsolved challenges. It is also a space that is expanding a lot: whereas in the past it was filled substantially by ‘digital rights’ experts, it is increasingly being filled in with experts in human rights, competition law and policy, labour rights, LBGTQ+, children’s rights, and more. The result is that there is an ever-growing degree of complexity, and more and more things to consider when assessing a technology and its associated policy issue, as well as a demand for remaining open minded and willing to work with people from all walks of life.

It’s truly one of the coolest and most exciting areas to work in, and one where doing a good job can literally affect the lives of millions of people depending on the scale of the policy issue and where you’re situated. I can’t recommend it enough and hope that this has been helpful in guiding you through the maze of figuring out what technology policy is, what it can be, and where you might fit amongst us.

  1. Some specific books that I’d recommend include: ↩︎

    • Howlett, Michael and M. Ramesh (2003). Studying Public Policy: Policy Cycles and Policy Subsystems. Toronto: Oxford University Press;
    • Jenkins-Smith, Hank and Paul A. Sabatier (1993). “The Study of Public Policy Processes” in Policy Change and Learning: An Advocacy Coalition Approach (Paul A. Sabatier and Hank Jenkins-Smith, eds). Boulder: Westview Press, pp. 1-12;
    • Kingdon, John W. (2003). Agendas, Alternatives, and Public Policies (Second Edition). Toronto: Addison-Wesley Educational Publishers Inc;
    • Rose, Richard (1991). “What is Lesson-Drawing?” in Journal of Public Policy 11(1): 3-30;
    • Sabatier, Paul A. (1988). “An Advocacy Coalition Framework of Policy Change and the Role of Policy-Oriented Learning” in Policy Studies 21: 129-168;
    • Stone, Dianne (2002). Policy Paradox: The Art of Political Decision Making (Revised Edition). New York: W. W. Norton & Company Ltd;
    • Woodside, Kenneth (1986). “Policy Instruments and the Study of Public Policy” in Canadian Journal of Political Science 19(4): 775-94;
    • Thomas A. Birkland, After Disaster: Agenda Setting, Public Policy, and Focusing Events (Washington, DC: Georgetown University Press, 2007);
    • Maxwell E. McCombs, Setting the Agenda: The Mass Media and Public Opinion (Cambridge: Polity Press, 2004)
  2. If you want to get a good understanding of the variance between activists, advocates, etc, then I’d highly recommend Colin Bennet. (2008) The Privacy Advocates: Resisting the Spread of Surveillance. His early chapters do a good job explaining these different roles as expressed through the privacy communities. ↩︎
  3. I also run an RSS feed that cultivates a range of topics that align with my professional interests. The most recent items are visible on my website and you can subscribe to it using this link. ↩︎
  4. Some podcasts include: Decoder, HBR on Strategy, Strategy and Leadership Podcast, HBR on Leadership, and The Look & Sound of Leadership. ↩︎

Leave a comment