Subscribe

US Cyberspace Bill Walks a Fine Line

By Joshua Philipp
Epoch Times Staff
Created: May 25, 2011 Last Updated: May 25, 2011
Related articles: Technology » Cyber Security
Print E-mail to a friend Give feedback

CYBER DEFENSE: Lucus Nelson teaches Hash analysis in Windows forensic examinations using EnCase Sept. 9, 2010, at the Defense Cyber Investigations Training Academy in Linthicum, Md. Additional instructors roam the room providing assistance to any student wanting help. (Air Force photo/Lance Cheung)

CYBER DEFENSE: Lucus Nelson teaches Hash analysis in Windows forensic examinations using EnCase Sept. 9, 2010, at the Defense Cyber Investigations Training Academy in Linthicum, Md. Additional instructors roam the room providing assistance to any student wanting help. (Air Force photo/Lance Cheung)

As the government moves to secure the nation’s networks from cyber-attacks, striking a balance between security and digital rights is again the topic of concern. Although the White House proposal has received less backfire than several similar bills, concerns have struck a common chord.

The ongoing problem is that a strong cyberstrategy would require imposing systems of monitoring and security standards that do not float well with digital rights and privacy. Some of the stronger government cybersecurity systems, including Einstein 3 and the CINDER program, could root out many key problems, but their nature of scanning information flowing through networks make them unlikely candidates for public systems.

Securing critical infrastructure remains a key concern in cybersecurity—areas essential to a functioning nation, that would be key targets in the case of a cyberconflict including the energy grid, financial sectors, and transportation networks. The problem is that the majority of critical infrastructures are privately owned, and reining them into a cybersecurity strategy raises questions of how much control government should have over private enterprise, let alone issues of privacy.

Thus, the latest cyberstrategy, introduced by the White House in the Cyberspace Policy Review, is focusing largely on companies and networks voluntarily implementing many of its standards.

The breadth of the bill is a key point of debate. A Center for Democracy & Technology (CDT) analysis states problems could arise from the legislation extending the reach of the Computer Fraud and Abuse Act (CFAA), that helps the federal government fight cybercrime, “in ways that give rise to some troubling issues.”

According to the analysis, the current proposal will broaden the CFAA, increasing penalties for cybercrime and expanding what qualifies as cybercrime.

It states users could face some serious issues, as “violating terms of service that they haven’t even read could land them in prison,” and if two individuals created false accounts on MySpace and Facebook “and used those fake accounts in a coordinated fashion, they could have been subject to racketeering charges under the Administration proposal.”

Among other issues, it could criminalize modifying devices, such as “jail breaking” an iPad to install different software and sharing the code for doing so. It also adds physical property, including a user’s home, to what is subject to civil forfeit if it was used in a crime.

“Imagine, for example, a teenage hacker who has used his parents’ computer to attempt to break into a bank network. If his parents were aware of his attempts but failed to turn him in, not only would that computer be subject to forfeiture, but so would his parents’ house,” stated the CDT.

“The conduct constituting a violation of the CFAA must be narrowed before Congress considers legislation to extend the statute and enhance the penalties under it,” it stated.

Read More…Securing Networks





   

GET THE FREE DAILY E-NEWSLETTER


Selected Topics from The Epoch Times

London 2012 Olympics