081203-N-2147L-390 NORFOLK, Va. (Dec. 3, 2008) Sailors on the watch-floor of the Navy Cyber Defense Operations Command monitor, analyze, detect and defensively respond to unauthorized activity within U.S. Navy information systems and computer networks. (U.S. Navy photo by Mass Communications Specialist 1st Class Corey Lewis/Released)
081203-N-2147L-390 NORFOLK, Va. (Dec. 3, 2008) Sailors on the watch-floor of the Navy Cyber Defense Operations Command monitor, analyze, detect and defensively respond to unauthorized activity within U.S. Navy information systems and computer networks. (U.S. Navy photo by Mass Communications Specialist 1st Class Corey Lewis/Released). MC1 Corey Lewis
SHARE

To combat cyber attacks, the U.S. may need more than new cyber defenses. It might need a whole new piece of Internet infrastructure. So says former CIA director Michael Hayden, who served under President G.W. Bush, and he’s not the only one. Several lawmakers and the current Cyber Command chief Gen. Keith Alexander are toying with the notion of creating a “.secure” domain where Fourth Amendment rights to privacy are voluntarily foregone in order to keep that corner of the Internet free of cyber criminals.

The idea goes something like this: China and other regimes around the world inherently have an upper hand when it comes to cyber defense because their lack of civil liberty protections lets the government freely monitor online activity. Things like “deep packet inspection” (which gained notoriety during Iranian election protests back in 2009) that let governments monitor citizens traffic also let them monitor for unusual activity.

That activity could be cyber criminals at work, or it could be foreign-backed cyber warriors and cyber spies working to weaken a nation’s infrastructure or penetrate sensitive government systems. Regardless, other countries are better protected. The U.S. Internet, by virtue of its adherence civil liberties, is more like the wild west. Everyone does everything online anonymously, and while that’s great for liberties, it’s also dangerous when cyber criminals/foreign hackers are roaming the cyber countryside.

The proposed solution: a dot-secure safe zone (basically, a seperate Internet) where things like financial institutions, sensitive infrastructure, government contractors, and the government itself can hide behind heavier defenses. Your fourth amendment privacy rights wouldn’t apply here, as you would consent to give them up upon entry; as when walking onto a military base or into an airport, users would have to show detailed identification and credentials to get in. Those who want to remain anonymous on the Web can still frolic about in the world of dot-com, but in the dot-secure realm you would have to prove you are you.

A wise man once warned about giving up a little liberty for a little security, but a tiered Internet with varying levels of freedom, security, and anonymity may be the way the Internet goes in the end. The Obama administration and members of Congress are finally taking cybersecurity quite seriously it appears, and big-league legislation is likely imminent. When the dust settles, you may not be able to go to certain neighborhoods of the Web without showing your papers at a checkpoint–and perhaps subjecting yourself to one of those humiliating electronic pat-downs as well.

Nextgov