White House, NSA Weigh Cybersecurity, Personal Privacy
The National Security Agency has pushed repeatedly over the past year to expand its role in protecting private-sector computer networks from cyberattacks but has been rebuffed by the White House, largely because of privacy concerns, according to administration officials and internal documents.
The most contentious issue was a legislative proposal last year that would have required hundreds of companies that provide critical services such as electricity generation to allow their Internet traffic be continuously scanned using computer threat data provided by the spy agency. The companies would have been expected to turn over evidence of potential cyberattacks to the government.
NSA officials portrayed these measures as unobtrusive ways to protect the nation’s vital infrastructure from what they say are increasingly dire threats of devastating cyberattacks.
But the White House and Justice Department argued that the proposal would permit unprecedented government monitoring of routine civilian Internet activity, according to documents and officials familiar with the debate. They spoke on the condition of anonymity to describe administration deliberations; internal documents reviewed by The Washington Post backed these descriptions.
White House officials cautioned the NSA that President Obama has opposed cybersecurity measures that weakened personal privacy protections. They also warned the head of the spy agency, Gen. Keith Alexander, to restrain his public comments after speeches in which he argued that more expansive legal authority was necessary to defend the nation against cyberattacks, according to several officials.
“We have had to remind him to at least be cognizant of what the administration’s policy positions are, so if he’s openly advocating for something beyond that, that is undermining the commander-in-chief,” said an administration official.
The debate, which is surfacing as Congress considers landmark cyber legislation, turns on what means are necessary and appropriate to protect vital private-sector systems from attack by China, Russia or other potential adversaries. Even some criminal gangs and hackers, such as the self-styled activist group Anonymous, increasingly may acquire the tools to mount major assaults on the nation’s computer systems, say U.S. officials.
NSA officials acknowledged that they have warned about such threats but say they have not sought to establish policy.
“As a major source of the nation’s technical expertise on cyber and cybersecurity, we have a responsibility to ensure our leaders are informed and aware of what is happening in the cyber realm,” agency spokeswoman Judith Emmel said. “We also work diligently to team with other agencies, industry and academia to find solutions to protecting our nation’s critical infrastructure.”