NSA Hooking Up Ominously Named 'Perfect Citizen' To Watch The Internet
from the not-so-perfect dept
Part of the problem, of course, is the tremendous secrecy around it. Jim Harper does a good job making the case that much of this program should be public, and blames Congress for falling prey to "cyberwar" hype in not forcing the details of this program to be publicly scrutinized:
If there is to be a federal government role in securing the Internet from cyberattacks, there is no good reason why its main components should not be publicly known and openly debated. Small parts, like threat signatures and such--the unique characteristics of new attacks--might be appropriately kept secret, but no favor is done to any potential attackers by revealing that there is a system for detecting their activities.Harper's points are worth repeating. He's not saying saying that the government shouldn't be looking for potential threats or vulnerabilities, but that many of the details should be public. It's fine to keep some aspects secret, but keeping the entire program secret inevitably means that it will be less effective. On top of that, even if it's officially just for "assessment" at this time, we've all seen how government programs morph and change over time (especially to political will) -- especially when it comes to monitoring. Or do we need to remind everyone how often the feds have admitted to violating the law with wiretaps?
A cybersecurity effort that is not tested by public oversight will be weaker than ones that are scrutinzed by private-sector experts, academics, security vendors, and watchdog groups.
Benign intentions do not control future results, and governmental surveillance of the Internet for "cybersecurity" purposes may warp over time to surveillance for ideological and political purposes.