Edward Snowden’s revelations of the National Security Agency’s (NSA) extensive data collection programs last year sparked an intense debate on the future of electronic surveillance in the United States and globally. As the extent of electronic surveillance has moved to the forefront of the American political discourse, the effects of Snowden’s revelations on the future of cyberspace remain unpredictable.
David Ignatius, author of The Director, joined Jason Healey, director of the Cyber Statecraft Initiative at the Atlantic Council’s Brent Scowcroft Center on International Security, Cheri McGuire vice president of Global Government Affairs and Cybersecurity Policy at Symantec Corporation, and Jeff Moss a nonresident senior fellow at the Atlantic Council’s Cyber Statecraft Initiative to discuss national security and digital prosperity after Snowden.
Jane Hull Lute, president and chief executive officer of the Council on CyberSecurity introduced the panel and set the stage for a discussion of the difficulties in balancing security and privacy in cyberspace today and how these questions will impact the future of the Internet. Ignatius compared today’s hackers to Edmund Hillary, the first person to summit Everest, who when asked why he climbed Everest replied, “Because it’s there.” Similarly todays hackers take the challenge to hack the Internet and various systems “because it’s there.” This mentality has created a world where it is easier for attack systems and steal data than it is to protect and makes it difficult for organizations such as the NSA to balance hacker culture with oversight and management principles.
The Snowden revelations have put an emphasis on privacy but Cheri McGurie voiced a concern that companies are afraid of being punished for making things more secure and that there needs to be a balance of privacy and security to support innovation. Jeff Moss questioned why companies make it so hard for consumers to detect if their software and hardware has been tampered with and remarked that security is moving from software to hardware in order to provide a known state for consumers to work from. Despite these potential improvements Ignatius cautioned that “the more you promise protection the more opportunities you give to the more insidious.” This comment echoed his earlier point that individuals, corporations, and states need to work with the expectation that nothing is secret and that we need to live with “life on the record.”
The panelists concluded by emphasizing the tension between the “two greatest threats to national security” terrorism and cyber attacks and the difficulties of addressing these questions in a democratic society. David Ignatius claimed that the United States is ahead of many countries, including much of the European Union, in addressing these issues. Cheri McGuire concluded by emphasizing the fact that most countries do not have oversight similar to the United States and the difference between the United States structure and that of the rest of the world. She did emphasize the importance of corporate transparency reports as a step to answering some of the concerns raised in the post Snowden world but Jeff Moss emphasized the need for more steps going forward.