CDT: Privacy, transparency needed in cybersecurity policy

An Obama administration review of cybersecurity policy is due soon

U.S. President Barack Obama's administration and Congress will have to address major civil liberties and transparency concerns as they create new policies to tackle ongoing cybersecurity vulnerabilties in the government and private industry, a digital rights group said.

The White House is scheduled to complete a 60-day review of federal government cybersecurity efforts this week, and questions about civil liberties, privacy and other issues must be addressed, said officials with the Center for Democracy and Technology (CDT), a digital rights group. The Obama administration has so far talked about cybersecurity in broad terms, with the potential for new regulations that have wide-ranging effects, said Leslie Harris, CDT's president and CEO.

"When the administration talks about cybersecurity, at least in advance of this release, cybersecurity is broadly defined in ways that could sweep virtually any aspect of American life into the mix," she said Wednesday.

Policy makers need to treat the Internet differently than other critical infrastructure systems, such as the power grid and water control systems, Harris said. Government officials don't need to worry about free expression when regulating how the power grid should be protected, she noted.

In addition to the 60-day cybersecurity review by U.S. National Security Council adviser Melissa Hathaway, members of Congress have already introduced bills targeted at improving U.S. cybersecurity. Senators Jay Rockefeller, a West Virginia Democrat, and Olympia Snowe, a Maine Republican, introduced a bill April 1 that would allow the president to shut down public and private networks during a cybersecurity emergency and would allow some government regulation of private networks.

CDT also called for the U.S. government to be more transparent in its cybersecurity efforts than in the past and to work harder to share cybersecurity information with the private sector and encourage the private sector to share information with the government. The government needs to provide new incentives for private companies to share information about attacks and vulnerabilities, said Gregory Nojeim, CDT's senior counsel.

"Transparency builds trust," he said. "The public needs to know what's being done to protect their privacy, and also what's being done to protect their security."

The CDT urged Obama not to put the U.S. National Security Agency (NSA) in charge of federal cybersecurity efforts, despite some calls for the U.S. Department of Homeland Security (DHS) to lose its authority in the area.

In December, a panel of cybersecurity experts convened by the Center for Strategic and International Studies (CSIS) recommended that DHS be stripped of its cybersecurity leadership role after years of what the panel called ineffective efforts. Leaving cybersecurity efforts at DHS would "doom that function to failure," the CSIS report said.

While the CSIS panel recommended a cybersecurity czar in the White House, one other approach would be to give the NSA a leadership role, but that would be a mistake, Nojeim said. The NSA has cybersecurity expertise, but its role is to intercept Internet traffic on foreign systems, and CDT is concerned that it would have conflicting incentives for reporting and fixing vulnerabilties, he said.

NSA "wears two hats," Nojeim said. "One is to break into foreign government systems, to exploit weaknesses. The cybersecurity initiative is about plugging weaknesses and strengthening systems. The systems that need to be strengthened are available internationally."

DHS cybersecurity efforts can be improved with congressional help, and that agency has authority to protect critical infrastructure, Nojeim said. "It doesn't solve the problem to complain about it," he said.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags privacypolicyBarack Obamacdt

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?