President Obama’s February 12 State of the Union address included the announcement of an executive order intended to permit greater sharing of information about possible threats to the nation’s cyber security among private companies and between private companies and the government.
“We know hackers steal people’s identities and infiltrate private e-mail. We know foreign countries and companies swipe our corporate secrets,” Obama said in the speech. “Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems.”
The executive order permits businesses to enter voluntary information-sharing agreements in which they provide the government with information about possible cyber threats to the grid. In return, the government is permitted to provide private companies with classified technical information.
This is an admirable goal, and we support the president’s efforts to keep the nation safe in this way. However, it’s not the end of the story.
Last year, legislation was introduced in Congress to provide protection from liability to companies that share information about possible cyber attacks with each other and with the government. That legislation, however, did not pass, and some form of it will be introduced again this year. Sen. Tom Carper (D-Del.), the new chairman of the Senate Homeland Security and Governmental Affairs Committee, has pledged to make a cyber security bill a high priority.
One important aspect of possible legislation of this type is whether it contains adequate safeguards to protect privacy. Last year, privacy advocates pointed out that in the name of protecting the nation against cyber threats, many versions of the bill contained provisions that allowed for “nearly unlimited monitoring of user data.”
If a final bill contains adequate privacy safeguards, we would support it, along with the executive order, as a means of keeping the nation safe.
After a nearly decade-long legal battle, the Department of Justice (DOJ) is seeking to dismiss once and for all the privacy suit of Richard Convertino, a former federal prosecutor in Detroit who alleges that the DOJ illegally gave the press details of an internal investigation into his alleged misconduct.
In February 2004, Convertino filed a complaint in the U.S. District Court for the District of Columbia, alleging that DOJ officials provided information to a newspaper reporter about the internal ethics investigation. Convertino accused the DOJ of giving David Ashenfelter, a reporter for the Detroit Free Press, confidential information relating to Convertino’s alleged mishandling of a terror-related case.
In that underlying case, the convictions of the alleged terrorists were overturned amidst allegations that Convertino unlawfully withheld evidence from defense lawyers when he prosecuted the case. The ensuing internal DOJ inquiry into Convertino’s conduct was meant to be confidential, but was leaked to the press through unknown, anonymous sources at the DOJ. Ultimately, the allegations of prosecutorial misconduct against Convertino were not substantiated.
Convertino spent nearly eight years attempting to ascertain Ashenfelter’s anonymous sources, but the reporter consistently refused to name them and invoked his Fifth Amendment right to remain silent. The district court finally dismissed Convertino’s privacy case last year, saying “there is simply no reason to believe that yet another delay in this case will result in discovery of that information.” Convertino appealed to the U.S. Court of Appeals for the D.C. Circuit. Earlier this month, the DOJ asked the court of appeals to uphold the dismissal.
In this situation, Convertino’s right to pursue privacy violations by the DOJ sits squarely in opposition to Ashenfelter’s right to plead the Fifth Amendment. Although the DOJ’s Office of Inspector General performed an inquiry, it was unable to determine which DOJ employee was the source of the leak. As a result of his inability to confront the source, Convertino’s reputation and career will forever be tarnished by anonymous accusations of wrongdoing.
It is ironic that the department whose duty is to enforce the law and bring about justice has failed to do justice to Convertino. One of its employees disclosed confidential agency information to the press and will apparently go scot free. Unless the D.C. Circuit reverses the district court’s decision, the federal government will not be held accountable for violating Convertino’s privacy. The Court of Appeals should reverse and allow Convertino to continue his efforts to discover who leaked the information, and how the DOJ allowed it to happen.
The D.C. Circuit is scheduled to hear the Convertino case on March 12.
Federal Criminal (Other)