White House to review net monitoring plan

White House to review net monitoring plan

By Christopher J. Dorobek

GCN Staff

The Clinton administration will review privacy implications of the planned Federal Intrusion Detection Network, which a draft National Security Council report recommends creating to monitor traffic on government and commercial networks.

FIDnet, unveiled late last month to catcalls from privacy groups [GCN, Aug. 2, Page 3], has also drawn fire from House Republicans.

'I am deeply concerned about reports that the administration is trying to set up a new Washington bureaucracy to protect the private sector from hackers and computer terrorists,' House Majority Leader Dick Armey (R-Texas) said last month. 'What we really need is protection from government Peeping Toms.'

In a July 30 letter to Attorney General Janet Reno, Armey asked for details about the plan, including to what extent the network would monitor private-sector networks, the timetable for implementing the plan and how the Justice Department plans to ensure individuals' privacy.

Funding block

The House Appropriations Committee voted last week to bar funding for FIDnet. It included the language as an amendment to the fiscal 2000 appropriations bill for the Commerce, Justice and State departments.

The concept of the monitoring network grew out of the administration's push to protect the country's information technology infrastructure. Presidential Decision Directive 63, issued last year, requires the government to come up with a plan for protecting both public and private networks from cyberattack.

Privacy advocates, however, said the monitoring network would violate people's privacy. People who visited federal Web sites, for example, would be considered to have given consent for FIDnet monitoring, the NSC draft said.

According to published reports, the White House is considering creating two broad FBI-controlled computer monitoring systems that would act as watchdogs over key data networks.

A senior White House official, however, said the FBI would not be involved in the monitoring system. The bureau would step in only if there was a reported malicious event.

'This is not an FBI- or a Justice-run system,' he said. The idea is that the General Services Administration would oversee the monitoring system.

Also, the system would not monitor private-sector networks; it is an attempt to develop the next generation of intrusion-monitoring detection networks in hopes of linking those into a single network for monitoring civilian agencies' critical systems, the official said.

Standard rules

'We want to make sure that FIDnet meets the standards and protections under the law,' the official said.

There are legitimate situations where traffic can be monitored, he said, and the administration is working to define those cases.

The administration is also conducting a high-level review of the privacy implications, the official said.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.