Privacy watchdogs and solution providers are urging caution as the federal government cracks down on security in the wake of the Sept. 11 terrorist attacks.
"The biggest concern is the risk to individual civil liberties and what we'll have to give up to ensure a higher level of security," said Larry Ponemon, CEO of Privacy Council, a Dallas-based solution provider. "Clearly, we're going to have to give up something. That's a given, but how much do we have to give up legitimately?"
 'It doesn't realyy matter what's right or what civil liberties people are saysing at this point. You have a national community that's scared and doesn't understand technology. And if the FBI says this will help them do their job, they're probably going to get it.' -- Oli Thordarson, Alvaka Networks |
"Once you forgo your privacy, your individual freedom as an American, I don't think it's going to be that easy to get it back," Ponemon said.
Federal officials have moved quickly on the domestic security issue. U.S. Attorney General John Ashcroft last week asked Congress to pass stricter anti-terrorism laws, including broader wiretapping authority for law enforcement agencies.
Immediately after the attacks, the Senate passed the Combating Terrorism Act of 2001, which includes expanded federal wiretapping authority.
"There have been a number of calls, some already acted on, for more extensive surveillance by law enforcement with fewer questions asked and fewer checks and balances," said Jason Catlett, president of Junkbusters, a Green Brook, N.J.-based consumer privacy firm.
Privacy Council last Thursday created the Council of Ethical Surveillance, a 14-member group of government and business leaders and privacy and security experts that will work to ensure public safety concerns are balanced with personal freedoms.
 |
Some security experts are worried about the future of cryptography as the government responds to the terrorist assault. Consultant Phil Zimmermann, the creator of PGP (Pretty Good Privacy) cryptographic software, cautioned policy makers not to make hasty decisions.
"Momentous political decisions that could affect the whole of society for the next generation should be made after careful deliberation and not at our moment of maximum emotional pressure," he said.
The federal government's decision in the late 1990s to relax encryption export controls came after long debate and analysis by federal officials, academics, the computer industry and others, Zimmermann said. Their conclusion was that "society is better served by the availability of strong cryptography than without it," he said.
Strong cryptography helps protect the national infrastructure, Zimmermann added. "We could open ourselves up to [further] attack if the use of strong cryptography is weakened," he said.
Roger Blohm, director of managed services at Satel, a Salt Lake City-based security solution provider, also said he's concerned about encryption's future. Encryption export controls created headaches for American companies, Blohm said, adding that he's concerned about the government mandating access to private data.
"Companies need to cooperate to solve crimes such as the disaster in New York," Blohm said. "Companies are less likely to cooperate with the government if they don't have the guarantee of privacy."
But Oli Thordarson, president of Alvaka Networks, Huntington Beach, Calif., said the American public might be willing to trade some degree of privacy for heightened security, at least for the time being.
"It doesn't really matter what's right or what civil liberties people are saying at this point," Thordarson said. "You have a national community that's scared and doesn't understand technology. And if the FBI says this will help them do their job, they're probably going to get it."
