Once-controversial computer security plan moves forward
A year ago, government officials faced a firestorm of controversy from civil liberties groups over their plan for the Federal Intrusion Detection Network, or FIDNet. But this year, when Congress approved funding for the computer-security program, hardly a word of protest was heard.
Senate appropriators quietly slipped $8 million in funding for both the Federal Computer Incident Response Capability (FedCIRC) and FIDNet programs into the fiscal 2001 Treasury-Postal Service appropriations bill in October. President Clinton vetoed the measure Oct. 30 and funding for the program remains unclear; however, the money is not expected to be removed entirely when Congress reconvenes to resolve differences over federal spending in early December.
"There are so many other more controversial policy issues to worry about. This is too minor," said one appropriations staff member.
The White House also significantly modified the FIDNet plan late last year, and some of the public's fears about the program have subsided, according to hill staffers. Richard Diamond, a spokesman for House Majority Leader Richard Armey, R-Texas maintains, "That doesn't mean that we don't still have concerns about the program."
The original FIDNet plan, crafted by the National Security Council, would have used an array of software to track patterns of computer activity that might indicate a hacker's intrusion into government computers or the insertion of a computer virus. Upon detection, the patterns would have been relayed to a central monitoring site at the FBI. That plan raised public concern about the government using computers to track private citizens who contact the government online.
The administration revised that plan by moving development of the program to the General Services Administration rather than the Justice Department, and it narrowed FIDNet's scope to data collection and analysis of activity only on government computers.
The administration also said no information on the use of government computers would be sent to the FBI or other law-enforcement agencies automatically. Rather, the data would to be forwarded only if such activity was deemed suspicious. The administration also promised that FIDNet would not create new links to private computer systems, which many civil-liberties groups had opposed.
David Jarrell, director of the FedCIRC and FIDNet programs, could not be reached for comment on funding for the programs.