More Laws, Cops Won't Stem Cybercrime, Execs Say

Congress shouldn't rush to write Internet laws, industry representatives urge.

Lauren Dunn, Medill News Service

WASHINGTON, D.C.-- Despite an increase in computer crime, a rush to write laws isn't the answer, high-tech industry executives warned members of Congress on Monday.

"I worry about rushing into legislation," says Bruce Schneier, chief technical officer for Counterpane Internet Security. "I worry about quick laws that have unintended consequences."

Schneier, whose company provides virtual burglar alarms for computer networks, suggests managing the risk instead of trying to eliminate it.

Just as people install burglar alarms to protect their home--recognizing that theft does happen--Schneier says Congress should concentrate on managing cyberthreats. He suggests it's a more realistic approach than trying to avoid them by building comprehensive security systems into computers.

Conflicting Pitch

The warning sharply contrasts with last week's hearing on Internet privacy before the Senate Commerce, Science, and Transportation Committee. There, Chair Ernest Hollings declared that Congress should take action right away.

"Where did self-regulation get us?" the South Carolina senator asked then. "Nowhere. As Business Week stated last year, 'Self-regulation is a sham.'"

However, on Monday high-tech executives warned a Senate subcommittee that lawmakers need to take a new approach to shaping Internet legislation.

Lawmakers should research all avenues of Internet privacy law thoroughly before tackling cybercrime legislation, warns Vinton Cerf, senior vice president of Internet architecture and technology for WorldCom.

"You should not pass legislation that can not be enforced," says Cerf, who was described at the hearing as one of the fathers of the Internet. "When [the legislation] can not be enforced, that is when people ignore laws."

Not So Fast

Others warned Congress not to pass legislation that could ignite a new round of problems for consumers.

"Excessive or overly broad legislation and subsequent regulation crafted in a rapidly changing environment is apt to miss the mark and likely trigger a host of unintended consequences," says Harris Miller, president of Information Technology Association of America.

Vertical industries, such as Internet service providers and telecommunications companies, should collaborate on comprehensive privacy guidelines, Miller suggests.

"We need to develop viable security solutions in not just the wired world, but also in the wireless world," he says, adding that these industries will gain greater security by consolidating their policies.