Print 7 comment(s) - last by RufusM.. on Dec 21 at 9:55 AM

Plans calls for secure sharing that standardizes inter-agency methodology, while protecting civil liberties

In the wake of the failure to pass the "Cybersecurity Act" (bill S.2105 [PDF]) through the U.S. Senate, President Barack Obama was expected to turn to executive orders to implement much of the machinery proposed in the act.

In a potential wind up to such orders, the President on Thursday released his "National Strategy for Information Sharing and Safeguarding" (NSISS).

In the proposal, he writes:

As President, I have no greater responsibility than ensuring the safety and security of the United States and the American people. Meeting this responsibility requires the closest possible cooperation among our intelligence, military, diplomatic, homeland security, law enforcement, and public health communities, as well as with our partners at the State and local level and in the private sector. This cooperation, in turn, demands the timely and effective sharing of intelligence and information about threats to our Nation with those who need it, from the President to the police officer on the street.

In his commentary, he also adds, "This Strategy makes it clear that the individual privacy, civil rights, and civil liberties of United States persons must be—and will be—protected."

President Obama
President Obama says civil liberties and privacy safeguards must be built into information sharing systems up front -- not added as an afterthought. [Image Source: AP]

The document tends towards vague and nebulous generalities.  However, some details can be gleaned from it.

For example, it does make the suggestion of creating more standardized templates for information sharing requests, such that requests between the private sector and the government or one part of the government and another part, don't require a custom request each time.  The proposals also calls for a standardizing of information request authorization across multiple government agencies, to prevent anonymous interactions and decrease the number of credentials needed by one user with multiple agency access privileges.

The proposal also calls for more careful curation of data via meta-data tags.

Addressing the issue of trusting the government with data in the face of recent security leaks (like the Bradley Manning/Wikileaks drama), the President writes:

Recent information breaches and disclosures highlight vulnerabilities in the protection of sensitive and classified information. Continued implementation of structural reform and standardized policies, however, will strengthen oversight as well as align security best practices. The risk of unauthorized disclosure and misuse of information originates from insider threats and external intrusions; structural reforms must address both.

Leak -- blood
The strategy discusses the importance of protecting against leaks and makes some suggestions on how to prevent them.

The strategy discusses the need for built-in safeguards to protect civil liberties and privacy.  It suggests building such capabilities up-front during the early stages of implementation of new systems, versus implementing them as an afterthought.

In all, the proposal sounds pretty reasonable -- but the tricky part is always translating such a reasonable, but inarguably very general, set of guidelines into actual action.

Source: The White House [PDF]

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

By nedsand on 12/21/2012 9:18:24 AM , Rating: 2
First thought.. Great an executive order with no money attached therefore no teeth. I can just imagine the total fail some agencies are going to create trying to implement this.

Second thought.. This is exactly the same thing the banking and credit rating industries do with our data. How do they get away with it? Maybe the government should take some pointers. Ohh wait. That makes sense. Sorry I'll stop doing that..

"And boy have we patented it!" -- Steve Jobs, Macworld 2007

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki