CDT: Privacy, transparency needed in cybersecurity policy

An Obama administration review of cybersecurity policy is due soon

U.S. President Barack Obama's administration and Congress will have to address major civil liberties and transparency concerns as they create new policies to tackle ongoing cybersecurity vulnerabilties in the government and private industry, a digital rights group said.

The White House is scheduled to complete a 60-day review of federal government cybersecurity efforts this week, and questions about civil liberties, privacy and other issues must be addressed, said officials with the Center for Democracy and Technology (CDT), a digital rights group. The Obama administration has so far talked about cybersecurity in broad terms, with the potential for new regulations that have wide-ranging effects, said Leslie Harris, CDT's president and CEO.

"When the administration talks about cybersecurity, at least in advance of this release, cybersecurity is broadly defined in ways that could sweep virtually any aspect of American life into the mix," she said Wednesday.

Policy makers need to treat the Internet differently than other critical infrastructure systems, such as the power grid and water control systems, Harris said. Government officials don't need to worry about free expression when regulating how the power grid should be protected, she noted.

In addition to the 60-day cybersecurity review by U.S. National Security Council adviser Melissa Hathaway, members of Congress have already introduced bills targeted at improving U.S. cybersecurity. Senators Jay Rockefeller, a West Virginia Democrat, and Olympia Snowe, a Maine Republican, introduced a bill April 1 that would allow the president to shut down public and private networks during a cybersecurity emergency and would allow some government regulation of private networks.

CDT also called for the U.S. government to be more transparent in its cybersecurity efforts than in the past and to work harder to share cybersecurity information with the private sector and encourage the private sector to share information with the government. The government needs to provide new incentives for private companies to share information about attacks and vulnerabilities, said Gregory Nojeim, CDT's senior counsel.

"Transparency builds trust," he said. "The public needs to know what's being done to protect their privacy, and also what's being done to protect their security."

The CDT urged Obama not to put the U.S. National Security Agency (NSA) in charge of federal cybersecurity efforts, despite some calls for the U.S. Department of Homeland Security (DHS) to lose its authority in the area.

In December, a panel of cybersecurity experts convened by the Center for Strategic and International Studies (CSIS) recommended that DHS be stripped of its cybersecurity leadership role after years of what the panel called ineffective efforts. Leaving cybersecurity efforts at DHS would "doom that function to failure," the CSIS report said.

While the CSIS panel recommended a cybersecurity czar in the White House, one other approach would be to give the NSA a leadership role, but that would be a mistake, Nojeim said. The NSA has cybersecurity expertise, but its role is to intercept Internet traffic on foreign systems, and CDT is concerned that it would have conflicting incentives for reporting and fixing vulnerabilties, he said.

NSA "wears two hats," Nojeim said. "One is to break into foreign government systems, to exploit weaknesses. The cybersecurity initiative is about plugging weaknesses and strengthening systems. The systems that need to be strengthened are available internationally."

DHS cybersecurity efforts can be improved with congressional help, and that agency has authority to protect critical infrastructure, Nojeim said. "It doesn't solve the problem to complain about it," he said.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags cybersecuritypolicysecuritycdtBarack Obamaprivacy

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?