White House Offers Glimpse of Cybersecurity Program
The White House yesterday released a newly declassified description (pdf) of the Comprehensive National Cybersecurity Initiative (CNCI), a highly classified program that is intended to protect U.S. government computer networks against intrusion and disruption.
The cybersecurity initiative was established in January 2008 by President Bush’s classified National Security Presidential Directive (NSPD) 54, and quickly became controversial in part because of the intense secrecy surrounding it.
“Virtually everything about the initiative is highly classified,” the Senate Armed Services Committee complained in 2008, “and most of the information that is not classified is categorized as ‘For Official Use Only’. These restrictions preclude public education, awareness and debate about the policy and legal issues, real or imagined, that the initiative poses in the areas of privacy and civil liberties…. The Committee strongly urges the [Bush] Administration to reconsider the necessity and wisdom of the blanket, indiscriminate classification levels established for the initiative.” No such reconsideration was forthcoming until now.
Concerns about overclassification were also expressed by the National Academy of Sciences in a 2009 report, which called for “a broad, unclassified national debate and discussion about cyber-attack policy,” and argued that “secrecy even about broad policy issues serves mostly to inhibit necessary discussion about them.”
The Comprehensive National Cybersecurity Initiative was “the single largest request and the most important initiative of the President’s fiscal year 2009 [intelligence] budget request,” the House Intelligence Committee said in its report on the FY2009 intelligence authorization act.
The Electronic Privacy Information Center filed a Freedom of Information Act lawsuit (pdf) just last month seeking declassification and disclosure of the Bush Administration’s NSPD 54.
But that foundational directive was not disclosed, nor did the Obama Administration address the issue of offensive cyber policy raised by the National Academy. Instead, the White House released a descriptive summary of 12 component elements of the Cybersecurity Initiative, a gesture that it said was consistent with the President’s emphasis on increased transparency.
“Transparency is particularly vital in areas, such as the CNCI, where there have been legitimate questions about sensitive topics like the role of the intelligence community in cybersecurity,” said Howard A. Schmidt, the White House Cybersecurity Coordinator who announced the disclosure. “Transparency provides the American people with the ability to partner with government and participate meaningfully in the discussion about how we can use the extraordinary resources and expertise of the intelligence community with proper oversight for the protection of privacy and civil liberties,” Mr. Schmidt said.
But without a clear delineation of legal authorities and implementation mechanisms, the scope for meaningful public discussion seems limited.
As the House Intelligence Committee put it in 2008, “a cybersecurity initiative [is] worthwhile in principle, but the details of the CNCI remain vague and, thus, open to question.”
In order to bolster independent oversight of programs such as the CNCI that must remain classified, at least in part, dozens of public interest organizations including the Federation of American Scientists this week urged President Obama (pdf) to finally appoint the members of an independent executive branch oversight board.
The Privacy and Civil Liberties Oversight Board (pdf), originally proposed in 2004 by the 9/11 Commission to monitor and defend civil liberties in information sharing and counterterrorism activities, was given independent agency status by Congress in 2007. But it has remained vacant since that time and thus unable to fulfill its assigned task.
“It is crucial that you nominate qualified individuals to serve on the PCLOB, so that it may begin to provide guidance as new policies and procedures are developed,” the public interest group letter said.
Americans are paying too much for almost everything, because the United States has long treated its trucking industry as an artifact to be preserved rather than as an opportunity for innovation.
These ideas aim to advance the detailed policy solutions needed to foster public trust and implement fairness in the adoption of AI across diverse domains, from healthcare and government benefits to rural access, education, and worker protections.
The evidence is clear: algorithmic pay-setting is established in app-based work, and payroll/timekeeping failures show how software can produce systemic wage harm at scale
While a few states have taken steps to implement decision-making mechanisms for certain AI systems, too many leaders are simply accepting narratives about AI’s purported public benefit at face value – jumping to the “how” of AI implementation before thoroughly vetting potential systems and deciding whether they are appropriate to use at all.