For Immediate Release
(10 April 2000)
ACP FOCUSES ON CRITICAL INFRASTRUCTURE PROTECTION
Coalition Issues Principles Setting Forth Proper Roles Of Industry and Government In Securing Networks and Protecting Privacy
Click here for the complete list of principles.
Americans for Computer Privacy (ACP) has led the successful effort during the
past two years to permit the widespread use of strong American encryption
products in order to protect privacy, promote national security, and prevent crime.
ACP fought against domestic controls on the use of encryption, including "back
door" requirements. ACP also was instrumental in persuading the Administration
to relax export controls on encryption products. This year, ACP continues to closely
monitor the regulatory implementation of the Administration’s new policy and to
oppose any efforts by foreign governments to erect import barriers to American
products or to impose domestic controls on the use of encryption.
But as recent Internet viruses and denial of service attacks have reminded us,
more needs to be done to secure the information systems that many sectors of the
U.S. economy (utilities, banking, communications, transportation, health care,
e-commerce) as well as the U.S. government rely upon extensively. Protecting the
information infrastructure used for these critical sectors is essential for U.S.
national security, American economic welfare, and our fundamental freedoms.
ACP believes that critical information infrastructure protection is best
accomplished through private sector solutions that are market driven and industry
led. The private sector not only built and maintains the products, networks, and
systems that are integral to the information infrastructure, but it also possesses the
knowledge and expertise necessary for its protection. Importantly, the U.S.
government thus far has recognized that it should work cooperatively with industry
on a voluntary basis to deter, identify and respond to cyber threats and attacks. In
addition, the Administration has proposed and Congress has funded numerous
initiatives to strengthen the government’s technological capabilities.
ACP applauds the initiatives that are already under way and will cooperate with the
government in these initiatives. However, ACP also is concerned about the
possibility of overreaction to denial-of-service or other potential cyber attacks. Such
overreaction could generate new laws or regulations that would stifle innovation,
artificially channel R&D, and harm the very infrastructure that needs protection.
It is essential that the government not use legitimate threats to computer security
as a justification for assuming new powers of regulation, imposing new burdens
upon industry, or threatening fundamental rights of privacy. The government must
not mandate technologies or dictate standards. The government also must not
increase widespread surveillance or monitoring of citizens at home and work.
Finally, the government should not rush to pass new laws or adopt new regulations
until it is demonstrated that current legal regimes are inadequate.
In order to guide government decision makers, ACP has adopted five simple
- Critical Information Infrastructure Protection (CIIP) is best accomplished
through private sector solutions that are market driven and industry led;
- Governments and industry must work cooperatively on a voluntary basis
towards achieving CIIP;
- Government must not mandate the choice of technologies or dictate standards
- Governments must not violate personal and corporate privacy in the quest for
- Barriers to strong CIIP should be removed, including barriers to the widespread
use of strong encryption.
Click here for the complete list of principles
Americans for Computer Privacy (ACP) is a broad-based coalition that brings
together more than 100 companies and 40 associations representing financial
services, manufacturing, telecommunications, high-tech and transportation, as
well as law enforcement, civil-liberty, pro-family and taxpayer groups. ACP
supports policies that advance the rights of American citizens to encode
information without fear of government intrusion, and advocates the lifting of export
restrictions on U.S.-made encryption products. ACP also supports policies that
promote industry led, market driven solutions to critical information infrastructure
protection and opposes government efforts to impose mandates or design
standards, or to increase widespread monitoring or surveillance.