Oops, we leaked no-fly list.
And by “we,” I mean CommuteAir, a regional airline whose insecure server, accessed by a Swiss hacker named maia arson crimew, included a file named NoFly.csv, which turned out to be the 2019 version of the US government’s no-fly zone. a list. The Daily Dotwho first reported to the story, notes that the list has about 1.5 million entries—although many of them are pseudonyms for a much smaller number of individuals—and includes both names and dates of birth. It is a subset of the broader terrorism screening database and both lists are full civil liberties and violations of due process.
Meanwhile, the Justice Department continues to uncover more classified documents in various buildings associated with President Joe Biden. The president is both cooperating with the investigation—which is to say, calling the FBI search his home in Delaware to see what else he might have forgotten and federal document security procedures—and insisting public that there is no “there there”. And although this is a mishandling of confidential documents less blatant but former President Donald Trump wrong handling even classified documents congressional democrats seem find Biden’s denial is unconvincing.
The ideal libertarian policy response to these debacles would be a major overhaul of the systems in question: establish a transparent legal process for no-fly listing and appeal—or cancel the list overall — i rethink the whole system of secret documents and state secrets.
But that’s not going to happen in the foreseeable future, so let’s set a more modest goal, one that’s achievable for the Congress we actually have: overhaul and improve the federal government’s data security and digital defense.
That this is necessary has been obvious for a long time, well before any of these current affairs. He existed major offense of 2015 Office of Personnel Management, which exposed the personal information of about 21 million people to foreign hackers. and 2016 leak cyberweapons of the National Security Agency. And Wikileaks’ 2017 revelation of “more than 8,000 documents detailing various CIA cyberwarfare and electronic surveillance activities.” and 2021 leak data from the Tax Office on very rich people. And, yes, “her emails”, private email server (and personal Blackberry) used by Hillary Clinton while serving as Secretary of State in the Obama administration.
And these are only the big ones, the ones that made it into the news, the ones that are relatively easy to remember a few years after the fact. They’re also all federal in size, but it’s not like states, municipalities, and other lower levels of government—not to mention the private companies that interact with government data, like CommuteAir’s no-fly list or any account linked to our Social Security or IRS numbers. data—are completely secure.
All our elections are managed by these smaller state entities (there are more than 10,000 electoral authorities in this country), despite our fears they are not always rational, understandably election security has been a major concern for most of the decade. Means of life support are shown vulnerable to hacking also, as with the 2021 Colonial Pipeline ransomware attack and smaller incidents like a hack water treatment plant near Tampa.
In many cases, as I have already argued, we could relatively easily improve security by being a little less online. Paper trails in elections, manual bridging of utilities (with workers who know how use them), i air gap all computer systems offer basic and easy-to-understand security that only requires us to return to perfectly viable ways of doing things from the very recent past. The 1990s weren’t the dark ages, and it’s better to keep some things analog than have genuine concerns about the fairness of elections or poisoned tap water.
But that proposal is clearly not a panacea, as the scandals with these documents show. Trump allegedly had poor digital security practices while he was president, and Biden’s use The peloton of bicycles and the Apple Watch has raised questions about the safety of its device. These classified papers were papers after all.
And my guess — despite claims of representatives about their own reliability in handling the documents—is that Biden and Trump are not alone among current and former presidents, members of Congress and other senior federal officials who have classified documents where they should not be.
It strains credulity to imagine that Sen. Joseph R. Biden pioneered the sin of taking work documents back to his home office around 2008. (News that former Vice President Mike Pence also kept classified documents at home broke the dock I was just writing this article.)
And it’s similarly amazing, especially during the COVID-19 pandemic and amid the post-pandemic work-from-home habit, that no other classified document has made a similar journey. (Washington DC, has the most telecommuting rate in any major US city, a statistic largely driven by the telecommuting policies of federal agencies.) Keep your confidential work papers safe at work almost certainly not an appropriate document policy in an increasingly digitized work-from-home environment.
We don’t have to guess to know that our government’s digital defenses are lacking. One figure shows how bad the situation is Reuters reported 2017, citing multiple senior intelligence officials: “In the federal government, about 90 percent of all spending on cyber programs is devoted to offensive efforts.” And if 90 percent goes to attack, we spend a maximum of 10 percent on defense.
The government of the richest and most powerful country in the world—a government that likes to play world police and has a huge nuclear arsenal and collects the personal information of millions of innocent people—that The government decided to spend $9 of the $10 on “penetrating adversary computer systems, listening to communications and developing means to disable or degrade infrastructure,” officials told Reuters. All that remains is a change to keep your own data and systems safe.
It’s absurdly reckless, and even a Congress as divided, performative, and incompetent as ours should be able to see that. Federal data security and digital defense aren’t hot topics, but they’re also not partisan issues, and securing America from Russian and/or Chinese interference — take your pick, as party lines dictate — should be a popular policy goal right now. Stories like the no-fly list leaks and reports of bipartisan presidential indiscretion should demonstrate the political neutrality and necessity of this reform.