Thursday, April 5th, 2012
Lawmakers in Washington are divided as to how to implement cybersecurity legislation to protect against infiltration from hackers, but one insider says the answer is simple: just establish border patrol for the Internet in America.
Former George W Bush special adviser for cybersecurity, Richard A. Clarke, tackles the topic of America’s susceptibility to Internet crimes in an editorial published in The New York Times this week, and the ex-White House “cyber czar” says the issue could easily be resolved. Clarke argues that America loses billions of dollars every year from foreign hackers that steal information from US computers, and while Congress is at odds over which of the handful of cybersecurity bills best fits the country’s needs, Clarke — who held related positions in both the Clinton and George W. Bush administrations — offers a solution of his own. In an op-ed published on April 2, Clarke suggests that the US Department of Homeland Security stands to largely stop critical data from being accessed by foreign hackers if they can successfully implement a way to monitor what goes in and out of America’s online infrastructure.
Clarke argues in his op-ed that the current administration is all too hesitant to grab the issue by the horns. Not only has Congress complicated matters by considering several similar laws to establish cybersecurity guidelines with little success, he says, but President Barack Obama himself has failed to exercise his own authority to take on the issue. The commander-in-chief, argues Clarke, could easily let the Department of Homeland Security take a stab at the problem. In turn, all they would have to do is scan trillions upon trillions of bits and bytes being beamed out of the personal computers in each American household.
“Under Customs authority, the Department of Homeland Security could inspect what enters and exits the United States in cyberspace,” writes Clarke. “Customs already looks online for child pornography crossing our virtual borders. And under the Intelligence Act, the president could issue a finding that would authorize agencies to scan Internet traffic outside the United States and seize sensitive files stolen from within our borders.”
Clarke insists that the president could easily step up and establish these guidelines himself without dealing with a divided Congress. Currently the US House of Representatives and Senate are considering varying legislation that would let the government monitor the Web to differing degrees. According to Clarke, however, letting DHS dig into the data going in and out of America’s computer systems would be the best place to start.
The op-ed, titled “How China Steals Our Secrets,” was published days after a congressional panel heard that a 10-year, $1 billion research program was copied by hackers in a single night. The US military’s Cyber Command chief called the crime at the time “the greatest transfer of wealth in history,” but Clarke fears that future attacks will only rival it. Should hackers uncover classified information and hand it over to the Chinese, writes Clarke, America’s “competitive edge” against other nations will be jeopardized. He adds that many private firms are already unknowingly being hacked by outside users with unauthorized access and the next major cybercrime could already be on the horizon.
“If Congress will not act to protect America’s companies from Chinese cyberthreats, President Obama must,” writes Clarke.
In the new op-ed, however, Clarke attempts to downplay the privacy concerns that are certain to arise should his own idea for cybersecurity take off. “Because it is fearful that government monitoring would be seen as a cover for illegal snooping and a violation of citizens’ privacy, the Obama administration has not even attempted to develop a proposal for spotting and stopping vast industrial espionage,” he explains, “…But by failing to act, Washington is effectively fulfilling China’s research requirements while helping to put Americans out of work.”
For now Clarke’s suggestion is merely a pipe dream for the man that spent decades working for the US government, including an impressive stint on the United States Security Council. In the meantime, though, Congress could be very close to establishing other guidelines for the World Wide Web that might eliminate online privacy in America as it currently exists.
One of the proposed bills currently garnering significant support in Washington is the Cyber Intelligence Sharing and Protection Act, or CISPA, which, if passed, would let the government get into any personal online communication it wants if it can claim that efforts exist “to degrade, disrupt or destroy” either “a system or network of a government or private entity.”
“We have a number of concerns with something like this bill that creates sort of a vast hole in the privacy law to allow government to receive these kinds of information,” Kendall Burman of the DC-based Center for Democracy and Technology tells RT during a recent interview. “Cyber security, when done right and done narrowly, could benefit everyone,” she added, “but it needs to be done in an incremental way with an arrow approach, and the heavy hand that lawmakers are taking with these current bills . . . it brings real serious concerns.”
To POLITICO, the CDT’s vice president of public policy, Jim Dempsey, agrees that some sort of legislation could be a blessing as far as protecting America’s cyber infrastructure goes, but that is far and away different from digging into the personal correspondence being conducted from every computer in the country. “I think the government itself is a little schizophrenic on this,” explains Dempsey. “On the one hand, there’s clearly the appropriate desire to say, ‘When a hurricane hits, we want to get information on the ground.’ Then there are others that say, ‘We also want to hear about protests and demonstrations.’”
Rep. Patrick Meehan (R-Pa.), chairman of the House Homeland Security Subcommittee on Counterterrorism and Intelligence, adds to POLITICO that the government needs to figure out how to go about handling the “gray area” between personal matters and national threats if it wants to actually establish cybersecurity legislation without losing the support of millions of Americans.
“The concept that the government would somehow be monitoring and storing inquiries of individual Web activities — many would find that disconcerting,” says Meehan.
In his op-ed, however, Richard Clarke says that the government could easily alleviate those concerns. “[T]his does not have to endanger citizens’ privacy rights,” urges Clarke, who at the same time suggests that the Obama administration has failed to take the initiative in the matter thus far because “it fears a negative reaction from privacy-rights and Internet-freedom advocates who do not want the government scanning Internet traffic.”
The CDT’s Burman also agrees as much and warns that, should the government give CISPA or any of the other cyber-surveillance legislation the go ahead, Congress could expect a backlash like they experienced earlier this year after attempting to pass SOPA, the Stop Online Privacy Act.
“One of the lessons we learned in the reaction to SOPA and PIPA is that when Congress tries to legislate on things that are going to affect Internet users’ experience, the Internet users are going to pay attention,” Burman tells RT.