Skip to Content

Government Surveillance

Cybersecurity: It’s Us and Them, Not Us vs. Them

Government cybersecurity efforts have been shrouded in too much secrecy, CDT said in a Policy Post released today. Greater openness is needed to ensure the public understanding of cybersecurity efforts, while also holding government accountable for its efforts. Of course not every jot and tittle of the government’s cybersecurity strategy needs to be “open source.” Many details should remain classified; the “spy vs. spy” game in cyberspace demands as much. However, the level of secrecy toward cybersecurity the last Administration displayed put the success of the program at risk by not providing enough information for the public to understand what the government was trying to do, the role of the private sector, and how privacy would be protected. CDT also said that the Department of Homeland Security should, with additional resources, lead the government’s cybersecurity efforts; that stance counters others suggesting responsibility for cybersecurity should be given to the NSA. Enough said. In addition, CDT said that the private sector should monitor private sector networks; no government entity should be involved in private network monitoring. Finally, CDT provided several recommendations for building a leadership structure, emanating from the White House, to protect and advocate for privacy. Those recommendations are:

  • Appointing a Chief Privacy Officer at OMB – CDT has urged President Obama to appoint a chief privacy officer, housed at OMB, to help develop better privacy protections within the federal government. This officer will need at least a small staff and resources to be effective.

  • Creating a Privacy Officers’ Council – A CPO Council, comprised of the privacy officers of the various agencies and separate from the existing CIO Council, will help the agencies share information about privacy issues and offer a means for the OMB Chief Privacy Officer to work directly with the departments on a regular basis.

  • Designating a Privacy Contact in NSC – Having a person responsible for privacy in the NSC could help build trust between the privacy community and the national security leadership. It would be essential that this position have the ability to work with the OMB privacy officer and the intelligence community and to brief those outside government as much as possible on a non-classified basis.

  • Reconstituting the Privacy and Civil Liberties Oversight Board – The PCLOB remains without members or staff. This body could play an important independent role in oversight of privacy and civil liberties. It needs to be reconstituted quickly. The President should nominate and the Senate should confirm members of the Board promptly.