Online privacy

WSJ, Wyden Spar over Cybersecurity

Oregon Senator Ron Wyden responded to a Wall Street Journal editorial invitation to exchange views on cyber security, cyber war and individual privacy. The exchange is enlightening.

Oregon Senator Ron Wyden responded to a Wall Street Journal editorial invitation to exchange views on cyber security, cyber war and individual privacy. The exchange is enlightening.

Oregon Senator Ron Wyden and the Wall Street Journal editorial board engaged this week in an enlightening exchange about privacy, cybersecurity and computer hacking by foreign nations.

It began with an editorial titled "The Chinese Have Your Numbers," which was written after Chinese hackers grabbed personnel files from 2.1 million federal employees. The editorial said the hack is "one more confirmation that China is waging an unrelenting if unacknowledged cyber war against the United States."

The editorial openly invited Wyden and Senator Rand Paul, who played lead roles in replacing the Patriot Act with less intrusive metadata collection rules, to offer "suggestions for countering this privacy threat." Wyden responded to the invitation on his own website.

"The way to address this threat…is to ensure federal agencies receive the funding and expertise to develop and implement robust security programs…and the technical and administrative controls they need to combat a wide variety of cybersecurity threats," Wyden said.

"It also is important for the United States to invest in the education of the next leaders in cybersecurity and to recruit and retain a strong federal cybersecurity workforce by ensuring cybersecurity professionals can find opportunities and career paths in government that are as rewarding as those in the private sector."

Wyden added, "Mass surveillance of law-abiding Americans will not prevent data breaches. Weakening encryption technologies or stockpiling users' encryption keys will not prevent data breaches. And making it harder for individuals to sue large corporations inappropriately sharing their data will not prevent data breaches."

Wyden voiced opposition to pending legislation that he said would allow private corporations to share information with the federal government with legal immunity to actions brought by individuals who claim their privacy was violated.

"In the case of both NSA mass surveillance and the Office of Personnel Management data breach, Americans are rightly worried that their personal information is not secure and that it can be accessed without their knowledge or consent," Wyden said.

The WSJ editorial urged the Obama administration to move more forcefully to "punish Chinese institutions that continue to steal American secrets. "That won't end the threat," the editorial said, "but it might give the governments that underwriting these hackers some pause."

"The United States is already in a cyber war," the editorial concluded. "The problem is that the Obama administration doesn't want to admit it."

Wyden countered with: "Cyberattacks represent a serious threat to fundamental American interests, including national security, economic competitiveness and individual privacy. These security breaches can be caused in a variety of ways by a variety of actors, with varying knowledge and resources. The solutions to the problem are just as diverse.

"Responses to aggressive actions by foreign government should include the full range of U.S. power, from multilateral diplomacy to economic sanctions to law enforcement action. It is a mistake to lump the many aspects of this problem into a single cyber threat that can be solved by a single cybersecurity bullet."

 

The Tangled Tale of Personal Privacy

Two stories on the same day in The Washington Post show the extreme pressure points on maintaining personal privacy. 

One describes U.S. government efforts to protect against potentially devastating international cyber attacks; the other points out user frustration with privacy policies by digital giants such as Google.

A story headlined, "White House, NSA weigh cybersecurity, personal privacy," talks about legislation to allow continuous, routine surveillance of civilian Internet activity.

Users won’t be able to opt out. If they don’t like the change, Google has said, they can avoid signing into their accounts or stop using Google products altogether, 

That’s easier said than done, experts say in the other Post story noted. For more than 350 million people using Gmail around the world, moving to a new e-mail program is perhaps more inconvenient than changing a mailing address or a bank account.

"Google unified privacy settings unsettle users" traces the concerns of users worried about the accumulation of personal data based on their searches, email content and downloaded videos,' the article says.

Euro-Style Online Privacy Protection

Concern is growing over online privacy, but don't expect Congress to import Euro-style, comprehensive privacy regulation.Update on Tuesday, September 27, 2011 at 1:00PM by CFM team

Privacy Rules Urged on Supercookies

September 27, 2011 –A bipartisan House privacy caucus has urged the Federal Trade Commission to look into the use of "supercookies" by websites such as Hulu.com and MSN.com.

Congressmen Ed Markey, (D-Mass) and Joe Barton (R-Texas), who co-chair the privacy caucus, told the FTC they believe supercookies, which recreate online user's profile information even after the user has deleted traditional cookies, may constitute an unfair and deceptive trade practice. Barton said, "I think supercookies should be outlawed because their existence eats away at consumer choice and privacy." Concern about supercookies was fueled by findings from research conducted at Standard University and the University of California, Berkeley, and reported recently by the Wall Street Journal.

—End Update—

A U.S. House Energy and Commerce subcommittee is examining Europe's comprehensive approach to privacy protection, but some legal experts doubt whether Euro-style privacy regulation could win support in the United States.