It’s time for a Cybersecurity Bill of Rights
© Getty Images

Your TV might be recording your conversations. Your email could be hacked. More and more of your personal data is being mined every day. Data breaches have become commonplace. Even your child’s doll might invite a stranger into your house.

By any measure, our privacy is in jeopardy. When our conversations are no longer private, when our personal data is being sliced and diced every which way, when we can’t expect even our messages, our photos, and our email to remain in our control, that fundamentally changes who we are and how we act.

ADVERTISEMENT
The U.S. Constitution doesn’t specifically define protections for privacy, but the time has come to consider a new series of amendments, similar in stature to the Bill of Rights that defined Americans’ inalienable freedoms. An enduring way to shore up our eroding privacy is to craft a Cyber Bill of Rights that draws a line in the sand before technology removes even our most basic expectations of privacy.

 

The problem of privacy will only grow worse

In a time of change with a new president, a new agenda, and renewed focus on protecting the U.S., cybersecurity presents a nasty set of challenges for the new administration as well as the citizenry.

The idea of government snooping and eavesdropping on nearly every aspect of one’s life has reached an apogee. The hacking of DNC emails that played out during the election brought cybersecurity to the forefront of American consciousness. President Trump has made cybersecurity a priority in his administration, and is putting budget behind his words, proposing a 6.8 percent increase to protect federal networks and infrastructure. Ransomware attacks that lock down personal data and release it for a price continue to grow. Seemingly every week a major corporation announces a data breach that has exposed passwords, credit card numbers, and other personal data.

Security professionals and businesses entrusted with our data will continue to bear the cost and operational responsibility of protecting it. This includes the unenviable tasks of securing mobile applications and networks. Indeed, they are in the position where they must husband data protection as best they can, which to some will be an insurmountable challenge. 

Yet every conversation around cybersecurity barely scratches the surface.

The top challenge in this new time isn’t preventing data breaches, stamping out ransomware, or preventing ever-more-massive DDoS attacks, though those are all problems that need solving. The most important challenge is addressing cybersecurity problems that threaten the big questions of humanity itself.

Many questions surround the notion of privacy. But information security professionals often hijack the conversation and turn attention to “data privacy” as if that is the ultimate question. Isn’t privacy more than data?

Questions like the following reveal the extent and importance of the problem:

Is privacy an immutable attribute of being human, an intrinsic part of the human condition? If we take away private moments, thoughts, and intimate communications, do we take away part of our humanity?

Does one “own” their unspoken thoughts, unseen actions, and meant-to-be-private moments? If so, does a government, organization, or anyone else have the “right” to confiscate, use, or monetize them?

Does removing privacy make anyone feel safer or better protected? Do we really live in a safer and more humane world when we can’t share a sweet-nothing note with a lover, sing in the shower, or just be ourselves without suspecting we’re being recorded or watched?

The time has come to answer these questions and more thorough legislative action. We need to address the biggest question of our time: Is individual privacy an inalienable right? 

Proposing new amendments to the Constitution

A Cybersecurity Bill of Rights would protect us from, well, ourselves. The more data we create, the more opportunities we give others to take advantage. This Bill of Rights would blueprint protections against our government’s urge to overreach and profit-hungry corporations’ habit of selling our personal information and private data. 

Most importantly, these rights will keep us true to what it means to be human.

Let’s explore what these new rights might be and how they might be constructed for inclusion into the U.S. Constitution:

Right to privacy

“The right of the people to personal privacy and to ownership of all information about themselves, including their body, property, data, thoughts, feelings, internet avatar(s), profiles, and identity, shall not be infringed. Citizens will be the final arbiter of all information about themselves, and any disclosure needs to be transparent and authorized. This right includes the ability to opt out of programs, including government programs, whereby citizens choose their privacy above all else.”

Freedom to code

“The right of the people to create code will be considered a freedom of expression and thought, and will not be infringed.”

Freedom to socially interact on the Internet

“The right of the people to be part of the public community and create cyber discussions and gather virtually, analogous to freedom of assembly, press, and speech, shall not be infringed.”

Each of these three human rights protects us against obvious and serious dangers that play out around us daily. They will aid the judicial system in determining who is at fault and what actions to take in guarding privacy. They will influence the way we shape treaties with foreign lands. They will protect one of the most crucial elements in our humanity: privacy.

It is high time that we come together to protect ourselves from ourselves.

Carl Herberger is the vice presidency of security solutions for cybersecurity firm Radware. He was previously an Air Force officer, with his last duty serving the Pentagon. While at the Pentagon, he evaluated computer security events affecting daily Air Force operations. He also managed critical operational intelligence for computer network attack programs to aid the National Security Council and Secretary of the Air Force with policy and budgetary defense.


The views expressed by contributors are their own and are not the views of The Hill.