Computer World –
WASHINGTON -- The Clinton administration is developing a computer security plan that would link public agencies and private companies in one massive intrusion-detection system.
The 140-page draft proposal calls for developing a system that would "net" together federal and private firms in key sectors, such as energy, telecommunications and transportation.
As any one site was attacked, word of the attack would be flashed to all the other sites in the system. The FBI would operate essentially at the center of the system.
The plan, called the Federal Intrusion Detection Network (FIDNET), has the apparent support of President Clinton, who said the backing of the private sector is needed to make it work.
"For the plan to succeed, government and the private sector must work together in a partnership unlike any we have seen before," Clinton wrote in a cover letter accompanying the report. "Only with the fullest participation of our private companies and government agencies can we achieve the high standard of information assurance we require."
Cooperation among private companies and federal agencies, and not government regulation, will be needed to develop the system, the report said.
Each of the critical private sectors "must decide for itself what practices, procedures and standards are necessary for it to protect its key systems," the report said.
The report was disclosed in today's New York Times. A copy of the draft proposal was subsequently obtained by Computerworld.
Underpinning the need for this system is a belief that the private-sector infrastructure is as likely to be the target for computer systems attack as any government agency, the report said. But the plan has raised concern among privacy advocates, who say the monitoring and surveillance that would be part of FIDNET has profound civil liberty implications.
"I think there should be a public discussion before it happens, about the pros and cons about how this data is going to be used," said Mary Culnan, a professor of business administration at Georgetown University, who has worked on privacy studies.
Culnan believes the system may threaten the relative autonomy people have in cyberspace to move without being tracked. "This is moving toward a national ID card in cyberspace where potentially there will be no anonymity," she said.
The plan also drew criticism today from Sens. Conrad Burns (R-Mont.) and Ron Wyden (D-Ore.), who said, in a joint statement, that the plan "to monitor a huge portion of the Internet" is a threat to privacy. They also said the government needs to close the holes in its networks through strong encryption, and not just by monitoring efforts to exploit them.