2 August 1999. Thanks to RH.
Source: New York Times, August 1, 1999
http://www.nytimes.com/yr/mo/day/editorial/01sun1.html
EDITORIAL
The Clinton Administration is right to concern itself with protecting America's computer networks against cyber attacks by terrorists or foreign governments. But a draft plan now being considered by the White House could lead to Federal monitoring of much of the nation's governmental and commercial computer communications. Such broad governmental surveillance is not a reliable way of assuring computer security and intrudes too deeply into the privacy of law-abiding Americans.
The White House proposal follows a review President Clinton ordered last year of the vulnerability of the Federal Government's computer networks to intrusion and damage by terrorists. It recommends expanding the monitoring system now used by the Defense Department throughout the Federal Government.
This means automated software would be used to scan the messages and files of millions of civilian Government employees to spot suspicious patterns. The results would then be turned over to a special task force overseen by the Federal Bureau of Investigation.
Computer network security is a real and growing problem. The Federal Government needs to protect not just sensitive defense secrets, but also the computers that manage air traffic control, Social Security, Medicare and a host of other civilian programs.
But systematic monitoring of all Federal employees is a clumsy and inefficient way to protect Government networks.
Software that can reliably detect patterns of computer manipulation does not now exist. Broad surveillance of all Government computer users would still permit some illicit tampering to go undetected. Meanwhile, innocent Federal employees are likely to be subjected to electronic snooping and investigative surveillance.
Even more troubling than the monitoring of all Federal computers is the plan's proposal for extending the automated surveillance program to private-sector networks. Although this would only be done with the agreement of the relevant corporate executives, unwary employees or E-mail correspondents could find their messages and files scrutinized by the Government's software as well. The results of this monitoring would also be reviewed by Federal agencies, although separately from the F.B.I.-run system for Government employees. Sophisticated computer users could escape surveillance with readily available encryption programs, allowing serious cyber terrorists to elude detection while the software snooped on ordinary citizens.
The Administration needs to come up with new approaches to the problem of computer security that depend less on the wholesale monitoring of private communications. Its current proposal would create more problems than it would solve.
Copyright 1999 The New York Times Company