Politicians are now coming to software companies asking for back doors to be able to track terrorists and cyber-attacks. In his recent State of the Union address in January, Obama said:
“No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families, especially our kids.”

British Prime Minister David Cameron also was concerned in a joint press conference earlier in the week. “As technology develops, as the world moves on, we should try to avoid the safe havens that would otherwise be created for terrorists to talk,” said Cameron.

Obama didn’t take the same position on Cameron’s proposal, but he did say that it was important to be able to keep tabs on terrorists who are using social media and the Internet. “When we have the ability to track that, in a way that is legal, conforms with due process, rule of law and oversight, then that’s a capability we have to preserve,” said Obama.

Obviously, politicians represent the views of a significant portion of the population. However, even if they represent the majority, we should not assume that what they are proposing is ethical. If there is a law that requires social media companies to give them ways to keep tabs on people, then we must comply. But we must do our own analysis to see if this intrusion is ethical. As I explained in one of my first blogs, ethics is not about the standards of behavior our society accepts.

In Canada, the Supreme Court recently ruled that the police must have a warrant to get internet user’s information, but it was long overdue for the implementation of this law. The scary thing is that prior to this decision, search warrants were not part of the standard protocol of what is clearly a systematic breach of privacy. In Canada, at least, all it required was a casual request. And these were submitted hundreds of thousands of times a year.

While politicians and law catch up to the reality of current IT abilities, IT should offer opinions as the knowledgeable professionals in this area. We know the parallels between a phone tap and supplying an IP address for a specific customer. The CIPS Code of Ethics has specific instructions about maintaining confidential information and privacy but it also says to put protecting the public interest first. Do we think the warrant process that managed phone taps will work for IP addresses?

I guess I’m Canadian enough to agree with the Canadian Supreme Court. Now we will see what Obama and the U.S. want.

Related Download
Cybersecurity Conversations with your Board Sponsor: CanadianCIO
Cybersecurity Conversations with your Board – A Survival Guide
Download Now