CDT: Privacy, transparency needed in cybersecurity policy

An Obama administration review of cybersecurity policy is due soon

U.S. President Barack Obama's administration and Congress will have to address major civil liberties and transparency concerns as they create new policies to tackle ongoing cybersecurity vulnerabilties in the government and private industry, a digital rights group said.

The White House is scheduled to complete a 60-day review of federal government cybersecurity efforts this week, and questions about civil liberties, privacy and other issues must be addressed, said officials with the Center for Democracy and Technology (CDT), a digital rights group. The Obama administration has so far talked about cybersecurity in broad terms, with the potential for new regulations that have wide-ranging effects, said Leslie Harris, CDT's president and CEO.

"When the administration talks about cybersecurity, at least in advance of this release, cybersecurity is broadly defined in ways that could sweep virtually any aspect of American life into the mix," she said Wednesday.

Policy makers need to treat the Internet differently than other critical infrastructure systems, such as the power grid and water control systems, Harris said. Government officials don't need to worry about free expression when regulating how the power grid should be protected, she noted.

In addition to the 60-day cybersecurity review by U.S. National Security Council adviser Melissa Hathaway, members of Congress have already introduced bills targeted at improving U.S. cybersecurity. Senators Jay Rockefeller, a West Virginia Democrat, and Olympia Snowe, a Maine Republican, introduced a bill April 1 that would allow the president to shut down public and private networks during a cybersecurity emergency and would allow some government regulation of private networks.

CDT also called for the U.S. government to be more transparent in its cybersecurity efforts than in the past and to work harder to share cybersecurity information with the private sector and encourage the private sector to share information with the government. The government needs to provide new incentives for private companies to share information about attacks and vulnerabilities, said Gregory Nojeim, CDT's senior counsel.

"Transparency builds trust," he said. "The public needs to know what's being done to protect their privacy, and also what's being done to protect their security."

The CDT urged Obama not to put the U.S. National Security Agency (NSA) in charge of federal cybersecurity efforts, despite some calls for the U.S. Department of Homeland Security (DHS) to lose its authority in the area.

In December, a panel of cybersecurity experts convened by the Center for Strategic and International Studies (CSIS) recommended that DHS be stripped of its cybersecurity leadership role after years of what the panel called ineffective efforts. Leaving cybersecurity efforts at DHS would "doom that function to failure," the CSIS report said.

While the CSIS panel recommended a cybersecurity czar in the White House, one other approach would be to give the NSA a leadership role, but that would be a mistake, Nojeim said. The NSA has cybersecurity expertise, but its role is to intercept Internet traffic on foreign systems, and CDT is concerned that it would have conflicting incentives for reporting and fixing vulnerabilties, he said.

NSA "wears two hats," Nojeim said. "One is to break into foreign government systems, to exploit weaknesses. The cybersecurity initiative is about plugging weaknesses and strengthening systems. The systems that need to be strengthened are available internationally."

DHS cybersecurity efforts can be improved with congressional help, and that agency has authority to protect critical infrastructure, Nojeim said. "It doesn't solve the problem to complain about it," he said.

Tags cybersecuritypolicysecuritycdtBarack Obamaprivacy

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service

Comments

Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?