via cnet News
A top Defense Department official said today that the U.S. military should “extend” a technological shield used to protect its own networks to important private sector computers as well, which could sweep in portions of the Internet and raise civil liberty concerns.
William Lynn, the deputy secretary of defense, proposed at the RSA Conference extending “the high level of protection afforded by active defenses to private networks that operate infrastructure” that’s crucial to the military or the U.S. economy.
What Lynn refers to as “active defenses” were pioneered by the National Security Agency. In an essay last year, Lynn likened them to a cross between a “sentry” and a “sharpshooter” that can also “hunt within” a network for malicious code or an intruder who managed to penetrate the network’s perimeter.
But the power to monitor civilian networks for bad behavior includes the ability to monitor in general, and it was the NSA that also pioneered a controversial warrantless wiretapping program under the Bush administration. NSA director Keith Alexander was named head of the U.S. Cyber Command last year, an idea that Lynn had championed.
Concerns about privacy are likely to turn on the details, including whether the military merely provides source code for defensive and offensive technologies — or if it includes actual authority and oversight. Another open question is whether Web sites like Google.com and Hotmail.com could be considered “critical infrastructure,” or the definition would be narrowed to facilities like power plants.