Platt Perspective on Business and Technology

Learnable lessons from Manning, Snowden and inevitable others 27 – thoughts concerning the emerging Obama cyber-doctrine 2

Posted in business and convergent technologies, in the News by Timothy Platt on July 20, 2014

This is my 28th posting on what is becoming a series of leaks and unauthorized disclosures of classified US government documents that relate to its War on Terror (see John Peter Zenger, Henry L. Stimson, Edward J. Snowden and the challenge of free speech and the first 26 postings to this series, available at Ubiquitous Computing and Communications – everywhere all the time 2 as postings 225 and loosely following.)

I began in Part 26 of this series, explicitly discussing a newly forming and emerging cyber-doctrine that is coming out of the Obama administration as it conducts and seeks to prevail in its War on Terror. And in the course of that posting I briefly outlined and discussed two of three foundational elements that enter into and appear to fundamentally underlie this policy approach.

1. According to the developing Obama cyber-doctrine, the United States government has both a right, and even a fundamental obligation to conduct surveillance on any group or individual who might conceivably be involved in, or in any way communicating with a War on Terror threat – and even unwittingly and unknowingly.
2. And while the US national government has a right and even an obligation to conduct open ended surveillance on everyone, private sector businesses and organizations have very circumscribed rights as to what types of personal data they can gather, how and how long they can store it, and how they can use and share it.

My initial goal for this series installment is to complete a discussion of this foundational framework for the Obama cyber-doctrine with a brief orienting discussion of its third foundational leg.

3. The implicitly assumed right and even obligation of the United States government to pursue its online cyber-defense across any and all borders and boundaries in its pursuit of national security and as it conducts its side of the War on Terror.

And the third line of reasoning: that third foundational leg that I will look into here involves how the Obama administration views cyber-surveillance as it arises from its own decision making processes and from within the United States, and when it arises from the decisions and actions of other governments. When allied governments, working in collaboration with the intelligence gathering agencies of the United States participate in US surveillance and intelligence gathering programs such as PRISM and XKeyscore (XKS), that is seen as laudable and as proof that these countries and their governments are true allies in the War on Terror. And as examples of that type of international collaborative activity I cite joint surveillance programs carried out by the US in coordination with the governments of the United Kingdom, Germany, Australia and others, as already discussed in earlier installments to this series. But when similar programs are carried out by other governments and even when they are carried out for reasons that those other governments would see as similar – national defense, their programs are viewed as being unacceptable and illegal and certainly if they are deemed to be aimed at the United States, its government, its business community or its citizens. And this brings me to the note that I added to the end of Part 25 to this series between when I finished writing that posting itself, and when it went live to this blog. This brings me to the point of impetus that prompted me to add first Part 26 and now this installment to this series:

As an update, added May 25, 2014: I am currently writing and uploading my blog postings on the order of a month and a half in advance. And approximately 10 days after I finished and uploaded this posting, the Obama administration and its Justice Department brought formal charges against a group of individually named members of the military of the People’s Republic of China, charging them with industrial espionage cyber-attacks against American businesses, and against US government online resources. So I will resume posting to my more operational series on cyber-security and cyber-threat as noted above. But before I do so I will post a 26th installment to this series, on what is developing into a more fully formed Obama cyber-doctrine. Unfolding events have prompted me to rethink and re-plan on how to proceed on this general area of discussion and I am going to proceed accordingly.

I first started actively writing to this blog about China’s military-based industrial espionage programs as targeting US businesses and US interests in March, 2013, when I first started posting about their People’s Liberation Army Unit 61398. The United States Government has been aware of this cyber-espionage unit since at least mid-2012 and has been actively tracking its activities and identifying and following the activities of its key personnel for quite a while now (see my posting Information systems security and the ongoing consequences of always being reactive – 11: governments as white and black hat hackers, and the threat and reality of cyber-warfare that originally went live on this blog on April 7, 2013 and other postings to that series, as can be found at my directory page: Ubiquitous Computing and Communications – everywhere all the time as postings 185 and following.) So the fact that China actively surreptitiously seeks out confidential, highly sensitive business and government-owned intelligence through organized cyber-espionage programs and through specific units of the People’s Liberation Army (PLA) cannot be considered a new or startling revelation.

The news event that promoted me to add this posting to this series, rather than simply switch to a more operational and tactical discussion of this complex of issues as originally planned, was that announcement by the US Justice Department, on May 19, 2014 that criminal indictments were just now being issued against five specific members of the PLA’s Unit 61398. At the pronounced risk of oversimplifying, one reason for taking this step now was that the Obama administration has decided to more actively confront a China that is more actively flexing its muscles, and both economically and militarily. And as just one example of the later, aside from their increasingly active cyber-espionage programs themselves, consider their increasing claims to ownership as sovereign territory over the majority of the South China Sea and in direct conflict with Japan, Vietnam and all of the other nations that flank those waters.

So acknowledgment of and response to Unit 61398 and its long-term ongoing activities have been a conflict waiting to happen. And the only real question here was not one of if that conflict would be publically raised, but rather of when that would happen and in response to what specific triggering event. And any such response, and certainly as being pursued now by the US government is also being carried out consistently with overall governmental and Obama administration policy – including its cyber-security policy and its overarching cyber-doctrine.

As a final point here, repeating a thought that I have already shared in the course of writing this series, President Obama and his senior intelligence community staff do not formulate or pursue a cyber-doctrine of the type that I touch upon here from any desire to limit or thwart individual freedom. They do so because they see terrorism and its threat as an existential threat to the United States and to all that it stands for. And they seek to achieve perfect and absolute security from that threat. And whenever a leadership seeks an absolute as their driving goal, they tend to make skewed decisions when setting their operational goals and priorities for achieving it.

And right now and certainly through any foreseeable future, the one substantial goal and accompanying approach that even the extremes of the Republican and Democratic Parties agree on is a need for achieving absolute security as the overall goal of the War on Terror – and seemingly regardless of costs incurred. So the Obama cyber-doctrine that is coming into shape now will remain in place. And it will become more elaborate and detailed and more firmly entrenched – and once again largely despite the costs to personal, individual liberty that this search for perfection brings with it.

I expect that I will come back to this set of issues in future postings, and certainly for discussing the cyber-policy and actions of the United States and her allies, but I at least tentatively finish this discussion here at that point. Meanwhile, you can find this and related postings at Ubiquitous Computing and Communications – everywhere all the time 2 and in my first Ubiquitous Computing and Communications directory page. I am also listing this under my In the News posting category.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: