The Bush administration will propose a new Internet monitoring
system and will require ISPs to help build the system and track their users, according to reports.
The new requirements will part of the final version of “The National
Strategy to Secure Cyberspace,” expected to be released in early 2003,
according to a report in The New York Times.
Leading ISPs like America Online
, which are expected to raise concerns over the proposal, because some say the policy may cross a line regarding current
corporate and personal privacy laws.
The sticking point is not government protection against viruses and hacker
attacks on the nation’s information infrastructure, but rather the method,
techniques and communications process between the government, private
companies and individual users. Currently, there are strict laws concerning
telephone wire taps, and it is unclear if those same protections will be
extended for new government Internet monitoring techniques.
Experts say the Bush administration wants to create an “early warning
center,” which would give it the power to monitor any aspect of Internet
use in the U.S. But it’s still unclear what exactly the Bush administration
is going ask from ISPs, and what the reaction will be from the companies,
regulators and advocates of individual privacy.
“It sounds like they are planning a grand version of some sort of pattern
matching software that will examine streams of e-mail, instant messages and
web site addresses,” said Andrew Schulman, an independent software
litigation consultant, based in Santa Rosa, California. Schulman said this
software could be a help in tracking terrorist threats, but would alter
current corporate and surveillance rules.
There are still unanswered questions about what “real-time” monitoring
technology will be used, and what opportunities it may provide for
information security software vendors.
“The concern is obviously we have Fourth amendment protections in terms of
search and seizure, and there can only be reasonable, articulated and
particularized searches. The danger of a system like this is that it is not
based on suspicion of specific information, it’s a sweep without suspicion,”
While the report alludes to ISPs shouldering some of the responsibility to
implement the new system, there are no details regarding whether ISPs will
have to pay, or will be subsidized by government grants. It is also possible
that ISPs will need to revise their existing contracts with users, if more
intrusive surveillance practices are put in place.