Making the Internet Safer, the NSA Way
Securing our networked environment is both crucial and difficult. Six months ago, President Obama declared his Administration’s commitment to protect cyberspace from sabotage of all stripes. For the President, the rise of online theft, electronic espionage, and military-related cyber assaults necessitated the appointment of a cyber czar to protect our cyber “national assets.” The President has tried to fill that spot: Shane Harris of National Journal explains that “more candidates had declined the job than were still in the running for it.” And despite our failed efforts at CoOp to recruit Orin Kerr for the job, the cyber czar position remains empty.
This state of affairs may be due to the difficult nature of the task at hand. Former NSA head General Michael Hayden recently said: “There is no regime for us to work within to respond to cyberattack. We are in a place where technology has long outstripped policy–let alone law–in term of what’s available. We are going to have to rely on heroism instead of a plan.” If Hayden has it right, it is no wonder that no one wants the job.
Nonetheless, the Administration may have already charted its path, one that entrusts the National Security Agency with protecting cyberspace. According to the National Journal, Lt. General Keith B. Alexander, the NSA’s director, has been “setting up the central nervous system in the government’s campaign to defend cyberspace.” The NSA will now, unlike the past, help oversee the networks of civilian government and privately-owned, criticial infrastructure (dams, railroads, hospitals, banks, food industry, hotels, telecommunications, postal, shipping, retail, transportation, and well everything else). This is true even though DHS is charged with defending civilian networks and coordinating private sector protection. Homeland Security Security Secretary Janet Napolitano said that NSA will provide DHS “technical assistance” on this issue. In short, DHS will rely on the NSA for the tools, expertise, and resources to protect cyberspace.
So the NSA apparently will be overseeing and securing private networks, the same NSA that engaged in wholesale warrantless surveillance of Americans after 9/11 (and the agency that monitored telegrams coming in and out of the United States to detect individuals with communist ties in the 1950s and 1960s)? Congress has, of course, limited the NSA’s warrantless wiretapping and the President has promised us greater transparency in government decision-making. Nonetheless, NSA’s oversight over privately-owned systems and wholesale access to their contents raises serious concerns. And because the NSA will direct these efforts in the name of national security and intelligence, little transparency will be forthcoming. On another note, the question remains whether it was agency turf-war antics that led to Melissa Hathaway’s decision to leave government–she was the DHS official and most senior cyber expert in the White House who had been a leading candidate for the cyber czar post. At the time of her resignation, Hathaway told the Washington Post that she “wasn’t willing to continue to wait any longer,” and she wasn’t “empowered” to make any changes.