Our world is becoming increasingly reliant on the internet for almost every aspect of our lives. It’s become the dominant platform in a number of crucial industries including banking, healthcare, communication, transportation, energy and government. Protection of the internet infrastructure as well as the hardware and software required to negotiate it has become more of a concern as the influence of bad actors prove that it’s not completely secure in and of itself. However, there are also some apprehensions regarding who implements and controls cybersecurity activities and regulations. Assertions have been made that certain cybersecurity measures may actually be more harmful than helpful. So, what is the primary argument against increasing cybersecurity? In this post we’ll investigate this controversy.
But Isn’t Cybersecurity Necessary?
Most parties questioning the methods of cybersecurity aren’t necessarily arguing for its outright ban. There’s no doubt that the movement of private and sensitive information across the internet needs to be protected. Malicious attacks on systems and software can lead to technological disruptions that harm everyone from the lonely grandparent to the largest corporations in the world. However, the primary argument against increasing cybersecurity comes from those who are most concerned about personal privacy, online freedoms and access to information.
Who Controls the System?
Because cyberspace is a global system and the internet isn’t bound by borders, it doesn’t fall under the jurisdiction of any one government or regulatory body. This raises the questions of who is or who should be in control of the system? Who is responsible for codes of conduct and their enforcement? If you look at examples of mass surveillance of the public by agencies such as the NSA (National Security Agency) in the United States, cybersecurity was used as an excuse to monitor political opinion and silence dissent. As an arm of the US government, which ostensibly acts on behalf of its own citizens, you have a political entity using cybersecurity as an excuse to target its own citizens. Similar programs have targeted journalists, politicians, whistleblowers and others and have resulted in deaths. Very often telecommunications companies and other large corporations, who are some of the biggest proponents of cybersecurity, are co-conspirators in these schemes. What may begin as an investigation into criminal activities (including cybercrime) can quickly turn into communication control and breaches of personal freedoms and privacy.
Security Features That May Not Be Secure
One of the internets connected products that almost everyone uses every day, namely our mobile phones, are often marketed as safe and secure – able to protect our sensitive data and information. But when a law enforcement organization demands that the manufacturers of these products open virtual backdoors to allow surveillance in the name of security, suddenly cybersecurity becomes much more nuanced than simply something that’s protecting the public from criminal acts. Cybersecurity, in cases such as these, could be the criminal act itself.
The Uneasy Relationship Between Cybersecurity, Privacy and Access to Information
Many governments around the world have implemented, or tried to implement, cybersecurity initiatives that have set alarm bells ringing among privacy advocates. This is often because they allow private information to be shared freely between governments and corporations. Decisions are being made about cybersecurity that may ultimately affect freedom of thought and access to information by private citizens. And very often there’s no public oversight, input or involvement in these decisions. Accountability may not actually exist. In fact, citizens can be criminalized, their freedoms restricted and their access to information denied because of overzealous cybersecurity laws.
Accountable Cybersecurity
If cybersecurity is meant to be a positive force for all, there needs to be more accountability and oversight allowed by those in position to be legislating these kinds of actions. Without public input, as well as the protection of privacy and access to information, cybersecurity may end up being exactly opposite of what it seems to be.