Protection from Unauthorized Computer Access
Congress has recognized the need and is working on solutions to take the measures needed to protect our computers and the Internet against unauthorized access or attacks.
At stake is our ability to safely shop, conduct business and communicate with others.
We need to work together to fight threats. The responsibility needs to be shared and requires everyone to help out – from government and law enforcement to all businesses and most importantly, civilians, that’s right you and me. Nobody, no country, no type of business or individual is immune to unauthorized computer access and the related risks. The Department of Homeland Security plays the key role in this effort, protecting government networks and helping owners and operators of critical infrastructure to secure the networks we all depend on.
Congress has a tough challenge to write the bills necessary to bring all of us together to protect our country, to protect our businesses and ourselves from unauthorized computer access attacks.
Here are some the issues and difficulties congress is having creating legislation and bringing us together;
1. How do you collect the information to enforce cyber security laws without creating a surveillance system that violates our privacy? The information that’s needed must be defined carefully for cyber security reasons and purposes only.
2. What is the best way to work together? Information is power. Beware of who controls the access. On one side, civilian control includes accountability to the public for abuse or failure. On the other side is the secretive nature and necessity of military control.
3. The Department of Homeland Security takes the lead in deciding how cyber security information will be distributed or assigned. DHS’s role to help coordinate civilian and government protection efforts needs to be clearly defined.
4. What is the best way to authorize Internet Service Providers and other companies to monitor the computer and information systems they own and operate? Monitoring needs to be defined very specifically with clear limitations.
Some of the bills underway in congress may authorize access for companies to monitor their customers are currently suggesting broad definitions such as “any actions” that result in unauthorized access and theft or manipulation of data.
“Any actions” might include things that are done by honest computer operator mistakes or even by everyday good practices. Examples that might raise a flag under a broad definition are; sharing a link to a file sharing site, forwarding an email or sharing your Gmail password.
5. How will the bills in congress work with the new Federal Communications Commission Order that adopts "basic rules of the road to preserve the open Internet as a platform for innovation, investment, competition, and free expression”? Net neutrality” has finally arrived but will it last? Congress will be challenged again to clearly define cyber security and not be vague when it comes to the rules of the road.
6. What happens to your home if your young computer savvy family member violates some company’s Terms of Service that you may not of known even existed? As congress decides on increasing the penalties (maybe even seizing your home) for the Computer Fraud and Abuse Act, an anti-hacking statute, shouldn’t they make absolutely sure the violations actually resulted in hacking? We all need to get this right the first time.
7. We have the need to narrowly, exactly, specifically DEFINE cyber security information to protect us from unauthorized computer access and not for any other use.
Legislation in progress; Lungren bill H.R. 3674, Lieberman bill S. 2105, McCain bill S. 2151, and the Rogers bill H.R. 3523
Remember January 18th, 2012 was a big day for the Web. Americans stood up in opposition to PIPA and SOPA – bills that would censor the Web and impose harmful regulations on U.S. businesses. Many of your favorite web sites went dark, Americans made thousands of phone calls to our elected representatives in Washington, and raised your voice by petitioning Congress.
Congress needs civilian, government and military to work together. Let’s help Congress create a solution to protect unauthorized use of our computers, Cyber Security is a necessity.