Government Monitoring of Computers

The White House claims that sophisticated hackers, terrorists, spies and saboteurs increasingly threaten the nation's critical computer networks. According to National Security Advisor, Sandy Berger, "We're not only talking about 17-year old kids in their basement.…We're talking about governments that we know are developing systems to get access to our computer systems."

President Clinton recently said, "Where once our opponents relied exclusively on bombs and bullets, hostile powers and terrorists can now turn a laptop computer into a potent weapon capable of doing enormous damage."

According to Richard Clark, the White House special adviser on terrorism, "There's a giant tsunami about to crash down behind us.…I would rather we respond before an electronic Pearl Harbor."

That's some of the rhetoric in support of a proposed $1.5 billion federal computer security initiative for the next fiscal year. They call it the Federal Intrusion Detection Network (FIDNET).

It's all part of the "National Plan for Information Systems Protection." The plan calls for the establishment of the FIDNET, which would be linked to a similar system in the Defense Department. The Defense Department system is known as the "Joint Task Force/Computer Network Defense" and it monitors all Defense Department networks.

FIDNET would monitor computer and communications networks for security breaches in order to protect the "critical infrastructure" like government, banking, energy, telecom, and transportation. This would include monitoring networks in the private sector.

The National Infrastructure Protection Center, an interagency task force, which the FBI would oversee, would gather the data. According to the White House proposal, the entire network defense initiative was to be completed by May 2003 or sooner, with an estimated cost in the billions of dollars.

The Sound Bite Debate

Skeptics have compared the entire scheme to Ronald Reagan's "Star Wars" missile defense program. They point out that the budget is open-ended and like "Star Wars" relies on untried technologies. Critics also fear that the plan is ripe for abuse.

This debate is just full of cliches and buzz phrases. It really should be an award winner. So far, we have "Pearl Harbor" and "Star Wars." The "ripe for abuse" camp adds "Big Brother" to the mix. They fear that this plan is a thinly guised attempt to permit the government to watch what we all do on our computers. (In an attempt to raise the bar on cliches in this debate, I'd like to offer a prize to anyone who can figure out how to add "Remember the Alamo" to the mix. To win, the use must be reasonable in context.)

The catchy buzz phrase debate continues with Government officials defending their plan by pointing out that they would only be looking for "anomalous activities" like evidence of denial of service attacks. Critics counter that the program could create a "surveillance society," by simplifying the government's methods of collecting vast quantities of information about its unaware citizens.

Ari Schwartz of the Center for Democracy & Technology gets honorable mention in the contest for working the "Trojan Horse" into the debate. As reported by ABC news, he said "It's a Trojan horse for law enforcement and the FBI in particular….Underneath the facade of wanting to protect ourselves from potential terrorists and hackers is a plan to collect information on every citizen in the United States."

According to the Electronic Privacy Information Center (EPIC), "These proposals are more of a threat to our system of ordered liberty than any single attack on our infrastructure could ever be." (Okay, no cliché in there, but "ordered liberty" does subtly invoke the Declaration of Independence and the thought of soldiers marching off to protect our liberty.)

The debate would not be complete without some mention of the "Cold War." So, we have EPIC's General Counsel, David Sobel, adding that, "There is a real danger that a Cold War mentality is developing within the federal government when it comes to the perceived threats of the Internet and communications technology."

The Debate's Result

Maybe the White House floated FIDNET as a trial balloon. It's hard to say for sure, but the Administration seems to be responding to the onslaught of criticism by backing away from its proposal. It remains to be seen how and in what form it will reappear. Clearly, the debate isn't over. Nor, should it be.

Our nation's vulnerability to cyber attacks is a serious issue for all of us. No country relies on information technology more than we do. No nation is as vulnerable to cyber terrorism than ours.

Putting the buzz phrase sound bite cliched rhetoric aside, we do have a problem and it's a true vulnerability to cyber attack. It starts at the individual level with threats like cyber stalking. (Imagine being greeted at the office every morning with 1000 anonymous e-mails that mention your child's school by name and threaten to kill him. That's a thought that has to send a chill down your spine and that's but a single example of a form of cyber stalking.)

It continues up to the corporate level where thieves and spies can steal information and money. A company can be brought to it knees by something as simple as inundating its e-mail system with tens of thousands of e-mails.

For government, the threat can be even bigger. With the resources of governments, spies and saboteurs can bring cloak and dagger. (I'm sorry. I couldn't help myself--one more cliche.) to a whole new level of intrigue. Silent attack via computer is real. Likewise, our need for privacy from the government is real too.

I'm not sure what the answer is, but we have to put the rhetoric aside and deal with the issues. They're simple enough to define without cliches.

At every level, we are vulnerable to attack via computer. The computer is an essential part of our national and even personal infrastructure. (I'd be lost without my e-mail.)

We need to develop ways to protect this infrastructure without undue invasions of personal privacy. This will require that both side in the debate get off their rhetorical high horses and talk. Let's do this before we have a national computer disaster. Let's not be guilty of putting in the burglar alarm after the burglary. We can see the vulnerability. So, let's deal with it.