By now most people are familiar with the ongoing debate about how far government should be able to go in monitoring Internet communications. Such was the topic of a recent discussion at the Voice of America building in Washington, D.C. Judging by the remarks of the event’s panelists, especially those of Ambassador Philip Verveer, the State Department’s Coordinator for International Communications and Information Policy, there seems to be a considerable diversity of opinion within the government itself on the issue of cyber security.
There are some very good reasons for the government to put in place good cyber-security policies. The Internet is a cultural, social, and economic engine that acts as the very infrastructure on which most of America operates. But we also know that criminal networks and terrorist organizations often use the Internet for propaganda, operations, and recruitment.
However, as Congress pursues new cyber security legislation and DHS institutes its new cyber awareness campaign (Stop Think Connect), among other federal cyber initiatives, it remains important to reflect on just how much authority government ought to have on cyber matters.
Earlier this year, there was intense debate over the controversial “kill switch” capability which would have granted the President emergency control of the Internet to shut down online traffic in the event of a serious threat. The provision has since been removed from the Senate’s Cybersecurity Act of 2010; however, this is not the end of the debate in terms of Internet freedom and the role of government.
Tellingly, Ambassador Verveer first cited the ability of an Administration to monitor and censor the Internet when asked about the greatest threat to online freedom—before he went on to mention security threats posed by terrorists. Verveer and others have also argued that there are economic reasons for the importance of online freedom.
It remains important to fight terrorists on the electronic battlefield. The Cybersecurity Act’s emergency plan for collaboration between private and public sectors has the potential to bring some benefit in terms of national security. However, cyber-security legislation must avoid focusing too much on instituting a large scale regulatory regime that would force the private sector to spend too much money meeting regulations—a move that would certainly be bad for business and consequentially bad for consumers.