Author(s)
Source
in Cybercrime, Jack Balkin, James Grimmelmann, Eddan Katz, Nimrod Kozlovski, Shlomit Wagman and Tal Zarsky, Eds., New York: NYU Press, 2007, pp. 59-83
Summary
Examines two different definitions of computer security, and their impacts on national security policy choices.
Policy Relevance
Legislators should resist the urge to incorporate matters of technical computer security into a national security discourse of “cybersecurity,” and ensure that computer security in general does not unduly compromise our society’s democratic values.
Main Points
- There are two dominant definitions of computer security: “technical computer security,” based on the work of engineers and computer scientists to preserve the integrity and optimal performance of computer systems; and “cyber-security,” founded in national security discourse, that understands computers as a new front for international threats and conflicts.
- The impetus behind the need for security, with security defined, as “safety [and] freedom from the unwanted effects of another’s actions,” is different depending on the sort of computer security being considered: technical computer security assumes that the security of private systems is collectively a public good, while cybersecurity, which addresses the security of computer systems against national security threats, treats computer security as both a public good and a national necessity.
- While threats to technical computer security have usually been seen solvable through standard channels by technical or law enforcement communities, cybersecurity threats are presented by politicians and policymakers as requiring immediate, extraordinary political and technical responses.
- By encompassing all technical computer security questions under the framework of cybersecurity, policymakers overlook the incompatibilities between the technical and political steps necessary to promote each form of security, as well as the effects of this securitization on broader democratic values, including a loss of privacy, a higher incidence of government surveillance and intrusion, and the degradation of traditional legal standards.
- Considerable scrutiny should be directed - at both the security demands placed on technical computer security and how it is pulled into the cybersecurity debates.