Damian Paletta has an interesting story in the Wall Street Journal today ( U.S. Firms Fight Global Cyberweapons Deal, http://www.wsj.com/articles/u-s-firms-fight-global-cyberweapon-deal-1444952599 ) about U.S. industry try to challenge the export controls to be placed on software which has potential cyberwar applications. The Journal article says it this way:
" Many of these companies say these rules—which would force them to apply for a series of licenses to export technology that could be used for cyberwarfare—would harm their business while doing little to stop oppressive regimes or others from using intrusion software that surreptitiously monitors communication.
I have some trouble with this kind of argument, especially coming from the likes of Cisco Systems Inc., Northrop Grumman Corp., Boeing Co., and Raytheon Co. What it boils down to is the uses made of some of their software, not the software usefulness to law enforcement or allied countries and their businesses. If some of their tools are used to test networks for vulnerabilities, we would be hard pressed to object to them selling it. Everyone should buy some software that checks for vulnerabilities and it might as well be from us. That is not what we are talking about here.
What these companies make is software that can monitor citizens of a country for possible hacking, misuse, or violations of privilege - like sending documents out of a network that are supposed to be protected. They make software that will monitor cell phones, laptops, tablets, and any network connected device. Businesses have a legitimate need for some of these things to protect proprietary information on business networks. As employees, you might not like this, but you don't have a right to privacy on a business network. That is why you are warned that that collection of data is going to take place.
These are powerful tools in the hands of some governments like China, Russia and Iran where that software has ended up. The problem is, they didn't necessarily sell it to them. Our government wants to control the dissemination of this kind of stuff and has tried to write laws to do that. They have not done a very good job of it. The businesses don't like controls on anything that might have a use harmful to citizens. Cell phones can have uses that harm lots of people but we don't control their sale.
We need to start this process over and get some legislation that can be enforced without an undue burden to the people who make and market it. On the other hand, those businesses should cooperate in controlling software which is very intrusive and controlling in the hands of known enemies. They need to define how they can help to do that. We don't seem to have that agreement just now.
No comments:
Post a Comment