My Two Cents: Why isn't Internet Security Better? What does "Boston Legal" have to do with this post?
I've recently started to binge-watch Boston Legal. This is my first exposure to the show. I am a fan of Jason Spader in The Blacklist and was curious about his performance in BL. It doesn't disappoint. An episode where Allan Shore represents Denny Crain Against the TSA and a recent blog post on 1Password about Cybersecurity incidents, We can do better: The tech industry and its response to data breaches, made me think – why isn't the internet a safer place from fraud and cyberattacks?
In the episode titled "Nuts", the TSA placed Denny Crane on the No Fly List. Denny tried to get himself off this list but was informed it would not happen as someone named "Denny Crain" was on the NFL. TSA argued it would be a national security issue if our "Denny Crain" was allowed to fly, and besides, it was only a minor inconvenience to him. Meanwhile, cybersecurity attacks) are major inconveniences when they happen to us.
TSA further argued despite all of the computer prowess (from about 20 years ago), there was nothing the TSA could do about it. TSA did offer an alternative – Denny could apply for an exception on the NFL and be allowed an exemption. The problem with this is the paperwork was lengthy, and the TSA did not know when they could get to it. And there was no guarantee he could get the exception. Yet, as Alan Shore argued, private businesses can do a better job than the government with its data and computer programing. So my question is, why isn't the private sector doing a better job with fraud, abuse, and cyberattacks on the internet?
TSA further argued despite all of the computer prowess (from about 20 years ago), there was nothing the TSA could do about it. TSA did offer an alternative – Denny could apply for an exception on the NFL and be allowed an exemption. The problem with this is the paperwork was lengthy, and the TSA did not know when they could get to it. And there was no guarantee he could get the exception. Yet, as Alan Shore argued, private businesses can do a better job than the government with its data and computer programing. So my question is, why isn't the private sector doing a better job with fraud, abuse, and cyberattacks on the internet?
As the 1Password blog reports, private industry "capitalize on cybersecurity incidents through self-promotion" instead of working together to improve internet security overall. As Christ Butler, 1Password Senior Security Specialist, provided "[the internet security 'first responders' who] assess the breach report, praise transparency, speak honestly about the implications, and put out a message of practical advice for improvement." It would probably be a great idea if these "first responders" had a public forum where they could share ongoing security concerns and fixes. Until then, it is up to the customer, which includes us lawyers, to use their power of the purse to find those companies that are doing right by trying to fix, if not prevent, the problem instead of just feeding off another's misfortune. Do we really want the government to step in? 🙄 Last thing we need is find ourselves on the government's no-internet list - it will take ages to get access again! 😡
Lawyers we have a voice in technology and the companies that make it - use your voice! 😮
"Denny Crane!" I mean ... MTC. 🙃