Kevin Coleman is a senior fellow at the Technolytics Institute and former chief strategist at Netscape. (File)
Recently, the occasion arose that allowed me to work with lawyers reviewing a host of international regulations that govern the sharing of cyber intelligence. It became evident that the pace of change in the cyber domain has created problems and contradictions with those regulations. In fact, almost every scenario or situation that was reviewed resulted in the answer of, “it depends.”
The specifics of the data collection and the specific characteristics of the system, device and technology that was under analysis ended up dictating whether or not the information would be considered sensitive and subject to one or more of the many international regulations that must be considered.
For example, the header information of emails that are generated on systems that use web-based email applications could easily be seen as falling in a gray area when it comes to personally identifiable information. Similarly, systems that use dynamically allocated IP addresses would also fall in that same gray area.
Now add the complexities of cache servers and proxies in countries or territories that are not part of the United Nations, and that the International Telecommunications Union adopted new guidelines late last year about inspecting Internet traffic, and you begin to see just how complex the legal side of cyber intelligence has become. One cyber analyst commented that you need to have the meta data and evaluate it before you know if the data is protected.
After examining this issue it is easy to see how a lawyer would be required to sit behind cyber intelligence analysts and cyber defenders that are on the front lines and advise them. It would be a complex issue as to whether or not they can intercept and read the data that is flowing over the Internet or even launch a retaliatory cyber strike against computer equipment that may have been hacked and is serving unknown intermediaries in foreign countries.
If that is what we have come to, so long to real-time cyber response!