Chertoff: ‘Rules and Regulations’ Complicate Anti-Cybercrime Efforts

June 23, 2011
FedCyber Wire
No Comment

via The Wall Street Journal

Former Homeland Security Secretary Michael Chertoff Wednesday suggested easing restrictions on the domestic activities of intelligence agencies like the CIA as a way to combat international computer hacking.

“We need to take a fresh look” at laws that generally prohibit such intelligence agencies from investigating people in the U.S., he said at an industry-sponsored event Wednesday. He explained that the laws are also preventing the agencies from investigating computers in the U.S. controlled by people outside the country. Chertoff, who co-founded the Chertoff Group, a security-consulting firm, described an “unbelievable thicket … of rules and regulations” that get in the way of thwarting international cyber attacks.

Chertoff said intelligence agencies are reluctant to examine U.S. computers in international cyber-terrorism investigations because the computers typically contain data on people inside, as well as outside, the U.S.

“The lawyers get really risk-averse,” he said. The FBI can investigate people in the U.S., but Chertoff said intelligence agencies might bring more expertise to international cyber-terrorism cases.

Gregory T. Nojeim, director of the project on security, freedom and technology at the Center for Democracy and Technology, a civil-liberties advocacy group, said more information sharing among agencies could accomplish the same goals.

“It seems to me that such information sharing would suffice for cybersecurity reasons and that we don’t need to rewrite the intelligence surveillance rules to do this work effectively,” said Nojeim, who was not speaking at the event.

Continued here.