By Jared Chausow
By Katie Toth
By Elizabeth Flock
By Albert Samaha
By Anna Merlan
By Jon Campbell
By Jon Campbell
By Albert Samaha
Technology has been a popular scapegoat in recent years, shouldering the blame for everything from Columbine (all those violent video games) to the economy's recent nosedive (all those nefarious dotcoms). So it was scant surprise when technology was labeled a minor culprit in the horrors of September 11. When word leaked that Osama bin Laden's suspected minions likely encrypted their electronic messages, communicated via free e-mail accounts, and even made their fateful airline reservations on Travelocity.com, the hand-wringing commenced. If only the networked world were better policed, congressmen and Fox News talking heads contended, then perhaps the twin towers would still stand today.
A few noted cyber-libertarians, such as Electronic Frontier Foundation founder (and ex-Grateful Dead lyricist) John Perry Barlow, were quick to defend the Internet's wild and woolly character, stressing that an unregulated cyberspace is essential to public discourse. Free-software guru Eric Raymond circulated a long-winded, pro-civil-liberties spiel to like-minded technologists, though his zealous insistence that more lenient handgun laws would have prevented the hijackings made the missive seem kooky and ill-timed.
Patriotic bluster drowned out the online idealists. Wartime means hardship, and electronic privacy suddenly seemed like a needless luxury. Congressmen assured the public that civil liberties would be preserved as we prepare for a long, potentially bloody campaign. "There will be . . . inconvenience," said Republican Representative Dick Armey of Texas, in a comment typical of the post-attack session. "But we will not violate people's basic rights as we make this nation more secure." Still, legislators did not hesitate to bolster the cops' power to monitor electronic communications. On September 13, Congress passed the Combating Terrorism Act of 2001 (CTA), which lowers the legal standards necessary for the FBI to deploy its infamous Carnivore surveillance system. Carnivore, recently renamed DCS1000 in a public-relations maneuver, is a computer that the Feds attach to an Internet service provider; once in place, it scans e-mail traffic for "suspicious" subjectswhich, in the current climate, could be something as innocent as a message with the word "Allah" in the header.
Next up on the congressional agenda is the far broader Mobilization Against Terrorism Act (MATA), which would empower any U.S. attorney to order a Carnivore installation without first obtaining a court order. It would also let American prosecutors use electronic evidence gathered abroad, even when that evidence was not gathered in accordance with the Fourth Amendment's guarantees against unreasonable search and seizure. "These are the kinds of things that law enforcement has asked us for," explained Republican senator Jon Kyl from Arizona, a co-sponsor of the CTA. "This combination is relatively modest in comparison with the kind of terrorist attack we have just suffered."
Some technologists, however, say that CTA and MATA invite misuse, no matter what politicians say. Among the first to urge caution was Matt Blaze, an AT&T research scientist. In an open letter dated September 12, Blaze fretted, "I fear that we will be seduced into accepting what seem at first blush as nothing more than reasonable inconveniences, small prices to pay for reducing the risk that terrorism happens on our soil again, without assessing fully the hidden costs to our values. . . . Like it or not, computers and networks, as much as our Constitution, are now endowed with the power to either protect us from or make us more vulnerable to evils like unreasonable search and censorship." Blaze was also one of 42 computer scientists to publicly support In Defense of Freedom (www.indefenseoffreedom.org), a 10-point declaration that urged lawmakers to protect civil liberties despite the anti-terrorist fervor. (In Defense of Freedom also attracted the support of over 150 organizations, ranging from the left-wing People for the American Way to the ultra-conservative Eagle Forum.)
Yet precious few in the intelligence community sympathize with Blaze's concerns. Military types have been blasting cyberspace's feral nature for years, fretting over the cover it can provide for rogue groups like Bin Laden's Al Qaeda. At a 1999 colloquium on information-age conflict, Kenneth Minihan, a retired air force general, warned of the Internet's openness and referred to privacy concerns as a "side show" that complicates national security. And just six days before the attacks, Ronald Dick, director of the FBI's National Infrastructure Protection Center, accused civil libertarians of in effect aiding and abetting criminals: "Quite simply, the balance described in the Constitution, which provides the government with the capacity to protect the public, is eroding. In its place, the privacy of criminals and foreign enemies is edging toward the absolute."
Much of the public, ever fearful of technology, seems to agree. According to one post-attack poll, for example, 72 percent of Americans favor new anti-encryption laws. That sentiment no doubt delights Republican senator Judd Gregg of New Hampshire, who is drafting legislation that could revive the discredited concept of "key escrow." If key escrow becomes law, vendors of cryptography products will be forced to hand over their keysthe decoding mechanismsto a trusted third party, like an accounting firm. In an emergency, the government can then use a court order to obtain the keys from the third party and decode whatever Internet traffic they wish. A real world analogy would be a law that compels you to trust your apartment keys to a local bank, who in turn can hand those keys to the police if you are suspected of wrongdoing.