Computer Security and National Security

Computer Security and National Security

Developments in computer security have been greatly influenced by the September 11, 2001 terrorist attacks in the United States and their aftermath. In response to these attacks, national security has become a major policy concern of Western nations. National security is the maintenance of the integrity and survival of the nation-state and its institutions by taking measures to defend it from threats, particularly threats from the outside. Many new laws, directives and programs protective of national security have come into place in Western nations after 9/11, including the creation in the U.S. of an entire Department of Homeland Security. The major emphasis in these initiatives is the protection of state interests against terrorist attacks. Information technology has acquired a dual role in this quest for national security. First of all, computer security has become a major priority, particularly the protection of critical information infrastructure from external threats. Government computers, but also other public and private infrastructure, including the Internet and telephone network, have been subjected to stepped-up security measures. Secondly, governments have attempted to gain more control over public and private information infrastructures. They have done this through wiretapping and data interception, by requiring Internet providers and telephone companies to store phone and e-mail communications records and make them available to law enforcement officials, by attempting to outlaw certain forms of encryption, or even through attempts to require companies to engineer Internet so that eavesdropping by the government is made easier. Paradoxically, these efforts by governments to gain more control over information also lessen certain forms of security: they make computers less secure from access by government agencies. 

Philosopher Helen Nissenbaum has argued that the current concern for national security has resulted in a new conception of computer security next to the classical one. The classical or ordinary conception of computer security is the one used by the technical community and defines computer security in terms of systems security and integrity, availability and confidentiality of data. Nissenbaum calls this technical computer security. The other, which she calls cyber security, involves the protection of information infrastructure against threats to national interests. Such threats have come to be defined more broadly than terrorism, and have nowadays come to include all kinds of threats to public order, including internet crime, online child pornography, computer viruses, and racist and hate-inducing websites. At the heart of cyber security, however, are concerns for national security, and especially the state’s vulnerability to terrorist attacks.

Nissenbaum emphasizes that technical computer security and cyber security have different conceptions of the aims of computer security and the

measures that need to be taken. Technical computer security aims to protect the private interests of individuals and organizations, specifically owners and users of computer systems and data. Cyber security aims to protect the interests of the nation-state and conceives of computer security

as a component of national security. Technical computer security measures mostly protect computer systems from outside attacks. Cyber security initiatives include such protective measures as well, but in addition include measures to gain access to computer systems and control information. The two conceptions of security come into conflict when they recommend opposite measures. For instance, cyber-security may require computers system to be opened up to remote government inspection or may require government access to websites to shut them down, while technical computer security may prohibit such actions. The different interests of technical computer security and cyber security can in this way create moral dilemmas: should priority be given to state interests or to the interests and rights of private parties? This points to the larger dilemma of how to balance national security interests against civil rights after 9/11.