America’s Self-Defeating Internet Insecurity

America’s Self-Defeating Internet Insecurity
By Scott Cleland
How did America and Americans regress to being much less secure than before the Internet?

Everyone knows the many amazing conveniences, benefits, and advances the Internet has enabled.  What everyone doesn’t know is how irrational the Internet’s utopian founding premises have proven to be concerning America’s and Americans’ security over the last quarter century.

The first irrational security-related premise is that U.S. Government policymakers decided in the 1990s to promote inherently insecure, nascent Internet technology to be the world’s primary global information infrastructure for all the world’s communications, content, and commerce.

Unfortunately, the Internet was never designed to operate at that scale, or with the necessary authentication, security, and privacy capabilities essential for such an infrastructure.  Utopia meet reality.

The Internet’s co-designer, Vint Cerf, in a 2008 Guardian interview, explained how the Internet’s 1974, essential enabling Internet-protocol had a design flaw in not enabling packet authentication, security, or privacy at scale.

"The idea of a virtual private network was not part of the original design," says Cerf, with a grin. "It was actually an oversight. It didn't occur to me that it would be useful until afterwards." "In the end, it seems every machine has to defend itself. The internet was designed that way."

For twenty-five years, an ever-behind, cybersecurity industry has struggled to secure an un-securable, “fragile infrastructure,” that was “built vulnerable,” and where “the scale of cyberattacks grow steadily.”

The second irrational security-related premise was the de facto, bipartisan, U.S. foreign policy decision, without a Senate approved treaty, that promoted virtual global surrender of “Westphalian sovereignty’ that for 350 years facilitated international law and order, peaceful diplomacy to deter wars, and reciprocally-beneficial travel, trade, commerce, and law enforcement.

America’s de facto virtual sovereign suicide irrationally surrendered its virtual sovereignty over all things America, to a non-sovereign,  autonomous Internet technology, with “no controlling authority,” organization, leader, accountable governance, rule-of-law, dispute resolution, recourse, or legal tender.

As a result, America has de facto aided and abetted our leading adversaries—China, Russia, and cybercriminals—with impunity.  China has specialized in cyberattacking, hacking, and stealing much of America’s valuable government and corporate secrets, intelligence, security clearances, and data.  Russia has specialized in out-of-control facilitation of rampant ransomware, serial cybercrime, and political disruption.

A recent Council on Foreign Relations report confronts this irrational Internet utopianism. “The utopian vision of an open, reliable, and secure global network has not been achieved and is unlikely ever to be realized.  Today, the internet is less free, more fragmented, and less secure.”  The authors are right that “its time for a new foreign policy for cyberspace.”

The third irrational security-related premise is that U.S. Government policymakers decided in the 1990s to de facto nationally abdicate governing online.  Specifically, how is U.S. Internet unaccountability policy a root cause of Internet insecurity?

It has subverted most of America’s foundational security essentials, i.e., surrendering sovereignty; banning borders; denying defenses; prohibiting police and public safety; abdicating authority; cancelling the Constitution; rejecting rule-of-law and rights; and denying a duty-of-care.

At the time, there was bipartisan policy consensus to encourage, not impede, rapid adoption and buildout of the Internet and its enabling infrastructure.  It succeeded at that goal.

America’s 1990s ‘Wild West’ Internet policies were: Internet and Internet services be “unfettered by Federal and State regulation;” ecommerce should be “global,” “self-regulated,” and “minimalist” government; and de facto all Internet speech has been presumed free speech,  never illegal conduct.

Apparently, few have considered or cared about the predictable negative repercussions of permanently granting Internet technology and its corporate leaders’ impunity via Internet unaccountability policy.

Now it is easier to see how America and Americans have regressed to being much less secure than before the Internet.  It doesn’t have to remain that way.

America’s existential problem here is the U.S. Government de facto imposing Americans’ dependence on inherently insecure Internet technology and irrational foreign and U.S. policy.  All three irrational premises endanger and do not protect Americans. 

—Scott Cleland is Executive Director of the Restore Us Institute, a non-partisan, non-profit that educates the public about Internet accountability problems and solutions.  Cleland was Deputy U.S. Coordinator for International Communication and Information Policy in the H.W. Bush Administration.  To learn more, visit www.RestoreUsInstitute.org.