Wednesday, February 23, 2011

Security vs Privacy/Freeddom: The Internet Freedom Act


Security is often increased at the cost of personal privacy and freedom. Anticipating opposition to reduced privacy and freedom, lawmakers and agencies often employ Orwellian doublespeak to garner support, examples include: The Patriot Act (takes away privacy), Department of Defense (starts wars), and No Child Left Behind (diminishes funding for public education).

So when Senators Lieberman(I) and Collins(R) introduce a bill called "Cybersecurity and Internet Freedom Act", there is reason for further investigation. Most of the bill is uncontroversial, such as recruiting federal cybersecurity agents and funding research for secure internet protocols. However, the bill also gives the President the ability to "issue a declaration of a national cyberemergency". During this time, the executive branch could restrict access to, from, and between portions of the internet, as well as demand that companies deemed "critical to the nation's infrastructure...immediately comply with any emergency measure or action". The bill places no explicit restrictions or oversight on the executive branch, only implicitly allows judicial review.

The aim of the bill is to protect our critical infrastructure (water, power, financial, etc) in the event of a cyber attack on the country. But is this the right approach? Jim Harper, information policy expert, offers this analysis: "Get critical infrastructure onto the Internet and get the government into the cyber security business. That’s a recipe for disaster. The right answer is to warn the operators of key infrastructure to keep critical functions off the Internet and let markets and tort law hold them responsible should they fail to maintain themselves operational."

I believe people are right to question the ability of the executive branch to carry out this duty fairly and efficiently. Earlier this month, the DHS erroneously seized 84,000 domains and replaced their content with a banner informing them and their visitors that the site had possibly violated child pornography laws. In December, federal employees (including soldiers) were warned that viewing or linking to wikileaks cables was explicitly breaking the law.

At the same time, hackers that have been traced back to China have attacked computer systems of both the Canadian Government and U.S. Oil Firms. The threat of an attack is definitely not fabricated.

So, I ask you, what freedom/privacy should we be willing to give up for infrastructure security? Are we protecting our infrastructure in the right way?

Sources:
http://news.cnet.com/8301-31921_3-20033717-281.html?tag=mantle_skin;content
http://blogs.wsj.com/digits/2011/02/18/new-cyber-security-bill-kills-the-kill-switch/?KEYWORDS=Cybersecurity+and+Internet+Freedom+Act
http://blog.ericreasons.com/2009/04/from-senator-who-wishes-internet-was.html

Tuesday, February 8, 2011

Introduction


Richard Clarke, in his recent novel Cyber War, defines Cyber Warfare as "actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption". The U.S. Deputy Secretary of Defense, William Lynn, has stated that "the Pentagon has formally recognized cyberspace as a new domain in warfare . . . [which] has become just as critical to military operations as land, sea, air, and space." So, how much is known about this new domain in warfare? Despite being less visible than other forms of warfare, it has the potential of being equally damaging to a nation's confidence, economy, and infrastructure. This blog will follow the major events and developments of this new domain in warfare. Along the way, I will comment on how well prepared the United States is for this upcoming war, how this will change our daily lives and policies, and what we are sacrificing to achieve greater security. Thank you for reading, and I always appreciate your comments and contributions!