The Cybersecurity Debate:
Liberty vs. Expanded Government Controls
Twenty years ago the big technology debate on Capitol Hill was about encryption software—software that changes plain text into unreadable script to anyone who does not have a “key”—pitting “security” against a citizen’s privacy.
Many in government predicted great calamity if the use of robust encryption was allowed to continue without the federal government having a built-in means to overcome the encryption at will, to sneak into when they wanted. In the end, citizens won, and no calamity resulted.
Now, one of the big debates this year is over cybersecurity legislation—legislation attempting to find a way to protect U.S. “critical infrastructure” from domestic or foreign cyber attacks—and again government officials are determined to attack the problem by attacking privacy and replacing it with greater government control.
The debate boils down to an old question—citizens’ rights versus security, or more exactly, how many of our constitutionally guaranteed rights protecting us from government would be eroded to grow government to a size to try to add some additional security? Or, as James Madison said, “The means of defence [sic] against foreign danger, have been always the instruments of tyranny at home.”
To be fair, there is a challenge—more than 80 percent of critical infrastructure is owned by the private sector, including such things as the chemical plants and financial networks. How to provide adequate protection then from attack?
Current considerations have included so-called voluntary standards developed by the federal government. But those are a small step away from being mandatory requirements, in other words, more regulation.
An appropriate solution would encourage good behavior by the private sector, including guarantees that citizens are protected from “Internet eavesdropping” and other privacy-destroying schemes that avoid legal oversight. An adequate solution would also include clear definitions of the threats and what efforts can be made to defeat those threats, and more essentially, a clear thoughtful definition of “critical infrastructure.” Constraining the granted power in such legislation is one means to exercise a measure of protection from the law becoming another “instrument of tyranny at home.”
Fundamentally, a strong partnership with the private sector should be the goal rather than an over regulatory new construct of bureaucracies and mandates, bogging down innovation and the ability to act and react, all guaranteed to further erode our guaranteed liberties and still leave our security suspect.
The “special interests” fighting in this case are U.S. citizens versus expanding government, liberty versus control. So when the White House expresses frustration in a statement, “the politics of obstructionism, driven by special interest groups seeking to avoid accountability, prevented Congress from passing legislation to better protect our nation from potentially catastrophic cyberattacks,” then the very special interest of liberty must be winning.
Today’s TechByte was written by Bartlett D. Cleland, Policy Counsel with the Institute for Policy Innovation.