In his first official appearance since being named to coordinate the Obama administration's cybersecurity strategy, Howard Schmidt yesterday said he would have the authority and the "president's ear" as he seeks to take the necessary steps to prevent cyber attacks. But one challenge that may be beyond anyone's capability to address is the range of conflicting interests among government agencies that could pull network operators in multiple directions on issues of security and privacy.
In an opinion piece at CNN.com, security expert Bruce Schneier says the real news behind the recent Chinese cyber attacks on Google's systems "isn't that Chinese hackers engage in these activities or that their attempts are technically sophisticated -- we knew that already -- it's that the U.S. government inadvertently aided the hackers." The hackers were able to gain access to Google's systems through a backdoor access system into Gmail accounts that Google created to comply with government search warrants on user data, Schneier says.
So a policy put in place to help law enforcement agencies investigate crimes and protect the public may have helped compromise the security of personal information online. As policy-makers pay closer attention to cybersecurity, can they craft policies that will truly help secure networks that are far more complex for them to understand? And what happens if some of those pro-cybersecurity policies bump up against other government priorities such as law enforcement or combating terrorism?
This isn't the only example of the policy tensions arising between different governments or different agencies. We've seen European policy-makers pressuring search engine operators to retain data collected on users for shorter periods of time in the interest of personal privacy, as demonstrated by Microsoft's recent move to discard such data after six months. But at the same time, some law enforcement agencies would prefer search engine data to be retained for longer periods of time due to the potential to assist in criminal investigations, in hopes that a murder suspect might have incriminating information in their search history, for example.
So as governments around the globe dive more into these rapidly emerging issues, we'll have to see if policy-makers can figure out how to balance these competing interests and come up with a coherent approach. It's a lot easier said than done. -- BH
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment