Last night Intelligence Squared and Neustar conducted a fascinating, Oxford style debate on whether the threat of cyber war has been exaggerated. A packed house at the Newseum in Washington, DC heard four cyber heavyweights go toe-to-toe verbally both for and against the proposition that the threat has been exaggerated. The audience size was all the more impressive considering the competition on a very big night in DC — Stephen Strasberg was making his major league pitching debut, Conan O’Brien was in town and there was also a James Taylor/Carole King concert.
The discussion was fascinating and a welcome change from the self-interested rhetoric that often surrounds this important issue. I’ve got a strong personal interest, but I was attending last night in a professional capacity. I assist Neustar with their public relations, and had invited some media to attend last night. Mostly I was introducing them to Neustar exec and long-time Internet expert Rodney Joffe.
Rodney also serves as Chairman of the Conficker Working Group and was just featured prominently in an excellent Atlantic Monthly article on the battle against Conficker. There were lots of interesting people in the crowd — while talking to Chris Dorobek of Federal News Radio, he introduced me to Craig Newmark, the founder of Craigslist. It was very cool to meet the guy behind one of the seminal successes of Internet commerce, and one who has steadfastly refused to cash out.
The teams arguing for and against the proposition were very distinguished. Arguing for, in other words Yes the threat Has been greatly exaggerated, were:
- Marc Rotenberg, executive director of the Electronic Privacy Information Center and adjunct professor of information privacy law at Georgetown University.
- Bruce Schneier, renowned security technologist, author of Crypto-Gram and chief security technology officer at BT.
Arguing against the motion, in other words No the threat is NOT exaggerated:
- Mike McConnell, VAMD (Retired) and executive vice president and leader of the National Security Business for Booz Allen Hamilton. McConnell served from 2007-2009 as US Director of National Intelligence (DNI), under Presidents Bush and Obama.
- Jonathan Zittrain, professor of law at Harvard Law School and co-founder of its Berkman Center for Internet and Society.
John Donvan of ABC’s Nightline was the moderator, and he explained the rules. Each member would be given strict time slots, like in a political debate. All panelists would give opening statements, then they would have seven minutes to speak, then there would be Q&A from the audience. Every member of the audience had a keypad device tethered to their chair. Opinions would be taken at the start, and then again after the debate. The team that had changed the most minds in the audience would be declared the winners.
Here’s where the audience stood prior to the debate, on the question of whether the cyber war threat was exaggerated:
Yes, it is exaggerated: 23%
No, it’s not exaggerated: 54%
Man, I’m just so undecided: 22%
So Marc and Bruce were starting out in a hole, but there was a large block of undecided voters in the audience. But the winning team didn’t need a majority as in an election; they just had to move the most minds.
There’s no way for me to capture every thrust and parry. Suffice to say the debate broke down pretty much like this — Marc and Bruce argued that the exaggeration of the cyber war threat was the continuation of a campaign by government and the military to control the Internet. Mike and Jonathan said no its not, it’s a realistic appraisal of the risks today and they can be resolved without ceding too much control to the military and becoming a police state.
Here are some specific speaker notes I jotted down:
Marc — very passionate on privacy, made some good points about the NSA’s Clipper Chip efforts in the early 1990’s to force everyone to use encryption they controlled, got in some points about the government pressuring ISPs and telcos to break the law and release personal data after 9/11.
Bruce — seemed to deliberately take the most blase tone of the speakers, called the rhetoric around cyber war “silly,” made the good point that when you view things as criminal you get police solutions, when you view things as war you get military solutions. On two occasions Bruce also seemed to make an implicit accusation that working for Booz Allen Hamilton warped McConnell’s view on the proposition, making reference to $400 million in BAH cybersecurity government contracts.
Now I dislike the revolving door of public service to private profit in DC as much as the next guy, but this seemed to me an ad hominem attack that didn’t seek to persuade the audience through logic.
Mike — this debate had nothing to do with controlling the Internet, and he repeatedly mentioned that if Congress gets the “law right,” that won’t be an issue. He also threw out some financial numbers to highlight our current vulnerability. According to him, in an economy that totals about $14 trillion per year, two banks in New York routinely move over $7 trillion per day. What if just those two banks could be disrupted? When the panel debated just what war is – how can you have war without actual fighting and destruction, etc. — McConnell made a comparison the Cold War period. No fighting, but most considered it war at the time.
Jonathan — he conceded that many often exaggerate the threat but didn’t think considering it war naturally leads to a police state. He described the way the Internet works as “bizarre,” it’s surprising it actually does work most of the time and stressed the vulnerabilities. He referenced the Pakistan blocking YouTube incident, and talked about how Professor Edward Felten at Princeton thinks he could take down the Internet in two weeks, given the right team and resources.
OK, enough suspense. Here’s where the audience stood after the debate concluded:
Yes, threat is exaggerated: went from 23% to 24%
No, threat is not exaggerated: went from 54% to 71%
Man, I’m just so undecided: went from 22% to 6%
So Mike and Jonathan won the debate, pretty handily in fact. I was in the small undecided minority — I actually went from a No, not exaggerated to an undecided vote. I agree with the majority that Mike and Jonathan presented better than Marc and Bruce, but I feel the For team did make important points that suggest this very important topic can’t be decided during a one hour debate, for me at least.
Maybe that will strike some readers as a punt by me. If so, I encourage you to watch the debate for yourself. It will be distributed via Bloomberg TV, NPR radio and Newsweek magazine. And if an online video feed eventually becomes available, I’ll add it to this post.
UPDATE: Here’s the link to video if you’d like the entire debate: http://www.neustar.biz/insights-resources/video-archive/videos/intelligence-squared-debate-june-8-2010
I have very mixed feelings on this subject, and I found your reporting on the debate refreshingly objective. I agree with both Marc and Bruce’s concerns, and also find issue with Mike’s comments that “if Congress gets the “law right”, that [controlling the Internet] won’t be an issue”. I only have to point to Marc’s statements about the Clipper Chip, and numerous other examples, to state that I don’t trust Congress to get the “law right”, in fact I by default expect Congress to get the “law wrong”.
On the other hand I see clear evidence in both the news and in my firewall logs that there are coordinated attempts by both criminal and political actors to utilize cyberwarfare/hacking techniques to penetrate systems. In the long run I think that the Internet is best served by the IETF, and I am reluctant to see additional government/corporate interference in the Internet, and especially leery of governmental regulation.
I do think that we need to be diligent to protect the Internet against both criminal and terrorist activities which clearly are of concern. I also agree with Chris that this issue deserves much more than a one hour debate.
George — score another undecided! Yes, it’s a tough topic with strong arguments on both sides, and that’s why it made for a fascinating debate. I’m hoping Neustar will sponsor further discussions like this one. Thanks for your comment.
[…] A special thanks to Chris Parente, managing director at Strategic Communications, who invited me to the debate. Very much appreciated. Parente has posted his take of the event here. […]
1. Besides, .MLB .Comedy & .MTV – The .NBA Finals may also have attracted some people.
2. A new BroadBand .NET is emerging (very quickly) and routing around the ISOC, IETF, ICANN and the rest of the digerati.
3. It is interesting the I* digerati continue to stage their theatrical events, as they lose relative marketshare.