Shows & Panels
Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- American Readiness: Renewable Power and Efficiency Technologies
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal News Radio's National Cyber Security Awareness Month Special Panel Discussion
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- Government Perspectives on Mobility and the Cloud
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Mitigating Insider Threats in Virtual & Cloud Environments
- Modern Mission Critical Series
- The New Generation of Database
- Reimagining the Next Generation of Government
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
US cybersecurity efforts trigger privacy concerns
Friday - 1/27/2012, 11:37am EST
By LOLITA C. BALDOR
WASHINGTON (AP) - The federal government's plan to expand computer security protections into critical parts of private industry is raising concerns that the move will threaten Americans' civil liberties.
In a report for release Friday, The Constitution Project warns that as the Obama administration partners more with the energy, financial, communications and health care industries to monitor and protect networks, sensitive personal information of people who work for or communicate with those companies could be improperly or inadvertently disclosed.
While the government may have good intentions, it "runs the risk of establishing a program akin to wiretapping all network users' communications," the nonpartisan legal think tank says. The Associated Press obtained a copy of the report in advance.
Cybersecurity has become a rapidly expanding priority for the government as federal agencies, private companies and everyday people come under persistent and increasingly sophisticated computer attacks. The threat is diverse, ranging from computer hackers going after banking and financial accounts to terrorists or other nations breaching government networks to steal sensitive data or sabotage critical systems such as the electrical grid, nuclear plants or Wall Street.
Privacy has been a hotly debated issue, particularly as the Pentagon broadens its pilot program to help defense contractors protect their networks and systems. Several companies, including critical jet fighter and drone programs, have been attacked, although the Pentagon has said that no classified information was lost.
And there are plans for the Homeland Security Department to use the defense program as a model to prevent hackers and hostile nations from breaching critical infrastructure. Officials have suggested that Congress needs to craft legislation that would protect companies from certain privacy and other laws in order to share information with the government for cybersecurity purposes.
DHS spokesman Matt Chandler said the legislative proposals reflect the administration's commitment to privacy protections and contain standards to minimize contact with personal information while dealing with cybersecurity threats. "DHS builds strong privacy protections into the core of all cybersecurity programs and initiatives," Chandler said, adding that the agency realizes that providing assistance to private companies is a sensitive task that requires "trust and strict confidentiality."
The Constitution Project report recommends that officials limit the amount and nature of personal information shared between the public and private sectors. And it calls for strict oversight of the cyber programs by Congress and independent audits, to ensure that privacy rights have not been violated.
"The government should not be permitted to conduct an end-run around Fourth Amendment safeguards by relying upon private companies to monitor networks," it said.
In addition, the report raised concerns about the ongoing development of the Einstein 3 program, a government network monitoring system that would both detect and take action against cyberattacks on federal systems. DHS officials have said that extensive privacy protections are in place.
But the report expressed concerns that as DHS and the secretive National Security Agency share information about potential computer-based threats, the NSA could review communications from U.S. individuals without setting up privacy safeguards.
"With more and more people needing to share sensitive personal and financial data over the Internet, it is absolutely vital that, while we are looking to protect our networks against cyberattack, we also preserve our constitutionally guaranteed rights to privacy," said Constitution Project committee member Asa Hutchinson, a former DHS undersecretary who also served as a GOP congressman from Arkansas.
Lawmakers who have been wrestling with these issues over the past several years have several bills in the works, and most include some privacy provisions.
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.
(Copyright 2012 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.)