In response to a series of major data breaches at US companies in recent months including Sony, Anthem and Target, President Obama unveiled a series of cyber security proposals in his last State of the Union address in January. Obama followed up on this declaration of intent by signing a new executive order during the Summit on Cybersecurity and Consumer Protection organized by the White House at Stanford University in February.
Obama’s executive order encourages the development of Information Sharing and Analysis Organizations (“ISAOs”), providing legal-liability protection to make it easier for businesses and government to share online threat data specific to their industry or geographic region. The order also increases the role of the Department of Homeland Security in the data-sharing process by permitting it to enter into agreements and coordinate the ISAOs.
Mr. Obama’s renewed focus on cyber security has been mostly welcomed by the tech industry, however, the president continues to encounter some of the same suspicions over the privacy of online data that were so effectively highlighted by the Edward Snowden revelations about the NSA in 2013. Although Cyber terrorism is a reality, the concern is that unless there is a balancing between governmental intrusion and the individual’s right to privacy, people’s rights will be violated as they have in the past.
The right to privacy has been affected previously by extraordinary events around the world such as terrorism. While society has not been willing to sacrifice individual civil liberties lightly, it has done so in circumstances where the prevalent belief was that personal security has been threatened. In recent times, surveillance regimes that have been adopted as anti-terrorism measures have had a profound, chilling effect on other fundamental human rights.
The most drastic change affecting privacy in the laws of the United States occurred in response to the 9/11 attacks, when President Bush signed into law the anti-terrorism statute titled Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism, more commonly known as the USA PATRIOT Act. Among other things, the Patriot Act expanded the wiretapping and electronic surveillance powers of federal law enforcement authorities, and increased the information-sharing powers of investigative agencies. It also allowed law enforcement to demand libraries, bookstores, and businesses to produce tangible items, such as papers, books, and records, about persons of interest, while forbidding disclosure of such a demand. It further authorized searches conducted without giving contemporaneous notice of the search or an actual warrant for the search.
At the end of 2005, an article appeared on the front page of the New York Times chronicling widespread monitoring of telephonic and Internet communications by the NSA—National Security Agency. These intercepts occurred with the direct authorization President Bush, and were undertaken without approval or oversight by the judiciary, beginning shortly after the 9/11 terrorists attacks. This wide-ranging program targeted interception of email and telephone calls with the number of those targeted ranging from the hundreds to possibly thousands. The effect of such wholesale violation of the right to privacy caused uproar among regular citizens who thought that such governmental intrusion on their personal affairs was overreaching and unwarranted.
Acts of terrorism and a fear for our personal security have historically intersected the privacy protections recognized by governments, and at times, served to take a few steps back in the universal recognition of the right to privacy. However, the government’s unsound arguments positing that the only way to offer protection was to infringe in our right to privacy have not been successful in the long term. People have recognized the obvious flaw with the proposition that there must be a trade off between privacy and security. Our willingness to sacrifice our privacy for security has been short-lived, and eventually, the tide has had to turn back by popular demand.
Upon further reflection and discourse on the effect of excessively curtailing civil liberties, the conclusion must be that a balance between security and respect for human rights is necessary in a civilized society. The two are not mutually exclusive; it is possible to demand cyber security and the protection of the right to privacy at the same time. The government must be very careful not to institute measures that will encroach on peoples’ hard fought civil liberties. The efforts made by Obama through his new initiative must carefully be monitored so that the right to privacy of individuals is sufficiently protected both by government and private entities.