Security and Privacy
The melissa computer-virus scare has highlighted some vital issues facing the information age. Every time one of these cyber attacks occurs, the need for effective action becomes clearer.
First, there's the broad issue of computer security. If a teenage computer hacker - the probable profile of Melissa's creator - can threaten thousands of businesses by choking up their e-mail systems, what could a determined international saboteur do to computer-controlled infrastructure like power grids?
That question has been poking at the government for years, but, regrettably, effective planning is still in an early stage. The administration has tried to earmark antiterrorism money for the cyber threat, but there's no real home for the funds - no agency set up to address this kind of borderless attack.
Alarmism is no answer. But the possibility of computer networks becoming targets has to be faced. It should be a defense priority. Belgrade-based hackers, ominously, have been interfering with NATO's Web page.
Another issue concerns privacy. The ability of software manufacturers and Web-page operators to collect information about people who use their products or sites is no secret. Civil libertarians have voiced concerns. The European Union has formulated a tough policy to protect its consumers from companies that compile and sell consumer data through their e-commerce.
That has caused major waves on this side of the Atlantic, with some American companies becoming quickly sensitized to privacy worries. These firms want to encourage voluntary privacy standards, to waylay government regulation. They also want to assure leery consumers that their rights will be respected as they shop the Internet.
IBM, for example, has just notified Web sites where it advertises that Big Blue ads will be pulled unless visitors to these sites are given a clear policy statement regarding the use of personal data. Another information-age giant, Microsoft, was recently called to account for a serial number generated by the newest version of its Windows software. The number allows the firm to gather information about its products' users without their knowledge.
That breach of privacy, ironically, links back to the Melissa saga. It was markers like the Microsoft serial number that allowed computer experts to trace the virus back to its probable creator or creators. So the question arises: Is there a conflict between greater privacy online and greater security?
Perhaps "creative tension" is more appropriate than "conflict." Privacy is a fundamental value that demands protecting. But compromises that allow the tracking down of saboteurs - and, for that matter, of lawbreakers like the purveyors of online child pornography - may in some circumstances have benefits that outweigh the costs. The intrusion of a computer virus is, after all, a flagrant invasion of privacy.