Cyberdefense: Should Americans be concerned about their privacy?
As Congress weighs information-sharing among government agencies, including the NSA, in the name of cyberdefense, the Pentagon is seeking to allay Americans' privacy concerns.
Mark J. Terrill/AP/File
The Pentagon continues to beat the drum of potential cyberwar. As US cybersecurity deteriorates with the rise of unwelcome attacks on US military networks, Defense Secretary Leon Panetta has dubbed cyberspace ‚Äúthe battlefield of the future.‚ÄĚ
But in the midst of the Pentagon‚Äôs preparation for this next generation of war, critics have raised concerns about just how this bolstering of network defenses might impact the privacy of everyday US citizens.
Several new bills before Congress seek to increase information-sharing among government departments, among them the National Security Agency, the entity responsible for electronic eavesdropping.
Will these new cyberdefense initiatives mean that the NSA will, say, stockpile the private e-mails of Americans?
This week, Gen. Keith Alexander, the head of US Cyber Command, made an effort to reassure an audience at the conservative American Enterprise Institute that cybersecurity and the protection of privacy are not mutually exclusive.¬†
He also said that the NSA‚Äôs new data center would not ‚Äúhold data on US citizens‚ÄĚ or pour over the e-mails of Americans. ‚ÄúWe won‚Äôt do that,‚ÄĚ he said, calling such speculation ‚Äúbaloney.‚ÄĚ
Gen. Alexander sought to elaborate on this point. ‚ÄúThey're not reading your e-mail per se,‚ÄĚ he explained. ‚ÄúThey're looking at the stream of data that's coming in ... looking for signatures or ports or different types of activity.‚ÄĚ
This is a valid point, says James Lewis, director of the Technology and Public Policy Program at the Center for Strategic and International Studies. ‚ÄúThe information that would be shared is ‚Äėones and zeros,‚Äô ‚ÄĚ he says ‚Äď in other words, numbers that point to malicious codes. ‚ÄúThere‚Äôs very little personal information in this code,‚ÄĚ Mr. Lewis says.
For those who remain skeptical, Alexander pointed to the sheer numbers. ‚ÄúIf you think about just the volume of US emails ‚Äď just think statistically ... we're talking about, you know, probably 30 trillion emails a year or more. Anybody read 30 trillion ‚Äď think about how that is.‚ÄĚ
Indeed, while the historic problem in espionage has been collecting data, Mr. Lewis points out, it is now storing and sorting it.¬†
‚ÄúI tell people, ‚ÄėIf you think about terrorism, China, weapons of mass destruction, Russia, Iran, Pakistan, North Korea, where do you fit into that list?‚ÄĚ Lewis says. ‚ÄúIf you‚Äôre not doing something that involves that, they don‚Äôt have time to be looking at you.‚ÄĚ
That said, it‚Äôs understandable that Americans remain suspicious, given America‚Äôs legacy of unauthorized wiretaps, Lewis says.
‚ÄúThe big problem is still, unfortunately, the Bush warrantless wiretap program that created such a huge level of distrust, particularly in the privacy community.‚ÄĚ For that reason, ‚Äúof course it‚Äôs reasonable to be suspicious,‚ÄĚ he adds. ‚ÄúThe NSA can‚Äôt go to people and say, ‚ÄėTrust me.‚Äô ‚ÄĚ
Alexander for his part warned, too, of the difficulty of managing the demands for privacy versus the need to respond quickly in the face of a cyberattack.
‚ÄúIt's like a missile coming into the United States. If you think about a missile coming into the United States, there is two things you could do. We could take the snail mail approach and say, ‚ÄėI saw a missile going overhead,‚Äô ‚ÄĚ he told the AEI audience.¬†
‚ÄúNow, cyber is at the speed of light. I'm just saying we perhaps ought to go a little faster ‚Äď probably don't want to use snail mail,‚ÄĚ he ventured. ‚ÄúMaybe we could do this in real time and come up with a construct that you and the American people know that we're not looking at civil liberties and privacy ‚Äď we're actually trying to figure out when the nation is under attack and what we need to do about it.‚ÄĚ