US officials seeking to mend fences with tech companies renew pleas for cybersecurity law

Senior US officials sought to mend fences with the technology industry as they renewed their pleas for legislation to increase the flow of information about cyber attacks between federal agencies and private companies.
Senior US officials sought to mend fences with the technology industry as they renewed their pleas for legislation to increase the flow of information about cyber attacks between federal agencies and private companies.

 

The previous bill brought opposition from privacy advocates who feared too much data would end up in the hands of the National Security Agency, which is aligned the with military and generally charged with spying overseas. Those arguments resonate more now that documents leaked by Edward Snowden showed that the NSA collects domestic calling records and that big Internet companies provide information on thousands of overseas customers.

The White House task would be easier with technology companies’ support, but some are reluctant to endorse anything that would exacerbate the negative publicity from Snowden’s documents.

NSA Director Keith Alexander stressed Wednesday that Google Inc, Facebook Inc and other technology companies revealed by Snowden as assisting the NSA were only doing what courts had ordered them to do in a “compelled relationship.” A half-dozen companies are petitioning US courts for the right to disclose more about how much they turn over, saying that early media reports exaggerated their role.

The senior US official said the White House wants security legislation that would minimize data on Americans and limit what the NSA could do with that data.

In the meantime, federal agencies are working to share more information with each other more rapidly and automatically where feasible, and officials are expanding a program to use secret data about emerging threats to protect private companies that are critical to the country’s economic health.

In another bid to make amends with the technology industry, the US National Institute of Standards and Technology is revisiting its past endorsement of a cryptology tool developed at the NSA that Snowden’s papers show was promoted because it was weak and could be broken by the NSA. EMC Corp’s RSA security division and others adopted the tool and have recently asked software writers to stop relying on it, but many programs using it are in wide circulation.

A NIST official told Reuters that the agency would work closely with outside cryptography experts to see whether other standards were problematic. “We are looking at reviewing our processes,” said Donna Dodson, deputy cybersecurity advisor at NIST.

Alexander and Mike Rogers, chair of the House Intelligence Committee, gave spirited defenses of the NSA programs, which Alexander said had helped prevent dozens of terrorist attacks, and said that most of the violations described in declassified court rulings were minor.

Alexander said that over the past decade, the NSA had self-reported 12 “willful” violations of its own spying rules overseas, and that the majority of those responsible had taken retirement afterward. Two were demoted and had their pay docked.

Read more: http://voiceofrussia.com/news/2013_09_26/US-officials-seeking-to-mend-fences-with-tech-companies-renew-pleas-for-cybersecurity-law-7275/?from=menu

Advertisements

About Gregory D Evans

Gregory Evans is one of the worlds greatest security consultants. Go to http://GregoryDEvans.com for more details.
This entry was posted in cyber and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s