Tied to the mast
…but orange now and black

Cyber security in public policy

Halperin has posted a White House fact sheet reviewing cyberspace security policy title “Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure.”

The first question that jumps out from that title is what is the relationship the White House understands to exist between resiliency and security. The two concepts are necessarily coupled, reliant on one another up to a point, and exclusive of one another beyond it.  In the Obama administration’s understanding, where are we now, and where do we need to go relative to that benchmark?

The report elaborates:

In this environment, the status quo is no longer acceptable, and a national dialogue on cybersecurity must begin today.  The U.S. Government cannot succeed in securing cyberspace in isolation, but it also cannot entirely delegate or abrogate its role in securing the Nation from a cyber incident or accident.  Ensuring that cyberspace is sufficiently resilient and trustworthy to support U.S. goals of economic growth, civil liberties and privacy protections, national security, and the continued advancement of global democratic institutions requires working with individuals, academia, industry, and governments.

The two first statements I’ve emphasized–“the status quo is no longer acceptable” and “securing cyberspace”–make me nervous. Maybe this is a stupid question, but what kind of incident or accident exactly do they have in mind? That the current “unsecure” internet has been a massive boon to economic growth, civil liberties, (maybe not privacy protection or national security), but definitely the “the continued advancement of global democratic institutions” (in being one itself), seems to me fairly obvious. And while I agree that there’s lots wrong with the status quo, that’s not the same as asserting that the status quo is “no longer acceptable.”As Jefferson puts it:

Governments long established should not be changed for light and transient causes; and accordingly all experience hath shewn that mankind are more disposed to suffer, while evils are sufferable than to right themselves by abolishing the forms to which they are accustomed.

This nod to the validity of conservative reservations–embodied in the danger of revolutionizing an institution as integrated into the global economy and peoples’ lives as the Internet–shouldn’t be taken lightly. Considering the goods, it is for the advocates of revolution to list their grievances and prove that the evils are no longer sufferable. They don’t do that in this document, though reassuringly they gesture towards needing to. The language is also not revolutionary, but, it’s nothing close to celebratory either.

To restate, I don’t doubt the need to be aware of sercurity concerns and respond to them in the best way possible, but there is a basic paradigm problem for governments trying to respond to the Internet, and I am very concerned that anachronistic threats will be projected onto the internet by the old guard that ultimately will do much to harm the promise of civic empowerment that, for all of Cass Sunstein’s cynicism, I still think exists in the new networked communications technologies (a core argument of my thesis, I’ll develop why I think this in later posts.)


No Responses to “Cyber security in public policy”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: