- The Washington Times - Tuesday, July 17, 2001

The threat of a break in security increases as the Internet grows in size and scope, but efforts to improve the situation must be weighed carefully against privacy issues, Internet officials told a Senate panel yesterday.
"Security is failing us," Harris Miller, president of the Information Technology Association of America, told the Senate's science, technology and space subcommittee. "Every year the problem gets worse and worse."
There was little disagreement among the panelists and the subcommittee chairman, Sen. Ron Wyden, Oregon Democrat, who said strict and specific legislation is needed to curb the number of security incidents such as "denial of access" attacks, viruses and thefts of credit cards and passwords.
The Computer Security Institute released a study earlier this year in which 85 percent of respondents said they experienced a computer breach, with 64 percent serious enough to cause financial losses.
"Hacking is no longer a joke, a mischievous prank that teen-agers pull for fun," Mr. Wyden said. "Where e-commerce is concerned, 'sabotage' would be a better term."
But the challenge is creating laws that can be enforced easily and lead to prosecution without violating U.S. citizens' privacy.
"Congress has to look at this a different way," said Vinton Cerf, considered the "father" of the Internet and a senior vice president of WorldCom Inc. "The last thing they should do is implement a Washington one-size-fits-all law that can't even be enforced."
The panelists and Mr. Wyden alluded to the challenge of creating laws that can be easily enforced without jeopardizing the privacy and personal freedoms of honest Internet users.
"There is a balance here, and that is a way to enforce these laws while protecting privacy," Mr. Cerf said. "In our zeal to catch up with criminals, we may put everyone in jail."
Said Bruce Schneier, chief technology officer of Counterpane Internet Security Inc.: "I worry about rushing into legislation. This is all very new. It's very hard to pin down what these things mean in this new environment."
Mr. Schneier, who spent last week with hackers and security experts at the Def-Con Internet security conference in Las Vegas, added that it should be possible for existing laws particularly those addressing theft and privacy to be enforced.
"I actually don't think we need new laws," he said. "We need old laws applied cleanly to the new environment."
Almost 70 percent of Americans said they feel threatened or are concerned about cyber-crime, according to a study by the Information Technology Association of America.
"People do care, but it's a lot of superficial caring," Mr. Schneier said.

LOAD COMMENTS ()

 

Click to Read More

Click to Hide