Are you a “Critical Infrastructure Sector?” If so, then the Justice Department is giving you their stamp of approval to monitor private communications on your networks; an act which, according to the non-partisan Congressional Research Service, is a questionable legal use of an Executive Order. Through two recent Freedom of Information Act lawsuits, the Electronic Privacy Information Center (EPIC) recently revealed that the Justice Department has authorized internet providers — most prominently AT&T — to intercept and monitor communications on their networks. Its good news for these sectors: they get to freely violate existing federal wiretap laws. It’s bad news for you and me, though. Through these acts we lose major privacy rights; namely not having our communications and private data tracked. Worse yet, it’s due to a government-corporate partnership. Sounds bad? What is worse is that it ignores the actual cyber security issues we have, and it sets a terrifying precedent for the future.
The program in question began as an effort between the Defense Department, the Department of Homeland Security, and commercial defense contractors to protect military and commercial defense companies from cyber threats, in particular data theft. While the risk of cyber attacks on our military is a valid concern, it is clear now that this was not all that was on the architects of this project’s mind.
Deputy Defense Secretary William J. Lyn said at the time of the program’s inception: “It is possible to imagine attacks on military networks or on critical infrastructure like the transportation system and energy sector that cause severe economic damage, physical destruction or even loss of life.”
No less than two years later, President Obama signed an Executive Order expanding this service to the same “critical infrastructure.” The president’s public renunciation of SOPA and CISPA is thus puzzling; those acts would accomplish many of the same goals and would be doing so legally. Obama’s Executive Order, on the other hand, is not legal.
But what’s most telling is that these safeguards are doing nothing to stop the underlying problem in the majority of these attacks: our global economic rival and current frenemy, China.
China accounted for 41% of the world’s computer attack traffic in the fourth quarter of 2012 and it is heavily suspected that hundreds of attacks are actually coming from the Chinese militaryitself. Adding fuel to that fire, a Chinese general just claimed that these cyber attacks are potentially as powerful as a nuclear weapon. If they are able to attack this powerfully, are we simply waiting for an electronic 9/11 to hit us before our electronic privacy is taken away forever? This act certainly sets the precedent for removing our privacy with its vague notion of what “critical infrastructure” is, which could potentially be interpreted as broadly as the infamous “interstate commerce” has been. If it is, than “critical infrastructure” could mean almost anything; and all our electronic privacy could be washed away. Coming at a time when Americans are becoming more wary of government intrusions into their privacy, this act is an embarrassment to our country and a failure of our leadership.