FBI director James Comey says surveillance is necessary for effective law enforcement, but has promised to ensure his agents will respect individuals’ privacy in all they do.
“We understand that businesses need to guard their intellectual property, but it is our goal to be as precise and undisruptive as we can,” Comey told attendees of RSA Conference 2014 in San Francisco.
“National security is often seen as being in conflict with privacy and civil liberties, but it does not have to be that way.
“We are looking for security that enhances liberty like police officers patrolling a playground to ensure it is a safe place for children.”
However, he said it is difficult to support privacy and civil liberties while carrying out surveillance to collect timely and accurate data to help preserve national security.
“I want to ensure we are listening to understand people’s concerns so we can have adult conversations about why surveillance is necessary and how we are using all reasonable surveillance tools,” said Comey.
“I think we can resolve these issues through honest communication and democratic exchange of ideas,” he said, but appealed to the information security industry for help.
More on FBI
- Target cyber attack not isolated, warns FBI
- FBI cracks down on hacker-for-hire websites
- FBI spies on internet users
- FBI shuts down Silk Road online drug market
- FBI warns of increased spear phishing attacks
- Google ordered to comply with FBI data demands
- Court rules FBI access to private data unconstitutional
The US government has ranked cyber attacks as the top threat to national security for two years in a row, forcing agencies across government to make information security a top priority.
According to Comey, this has led to a concerted collaborative effort across all government agencies, but government cannot do all that needs to be done on its own.
“We are doing a lot, but it is not enough. We need private sector partners. You are key to defending IT,” he told conference attendees.
Comey said he would encourage his agents to develop direct relationships with key players in the information security industry. “I want them to be on first name terms,” he said.
However, Comey acknowledged that in the US there is still no unified threat-reporting system and that in the past the flow of information was perceived to be unidirectional in favour of the government.
But he said government was working to share more unclassified information as quickly as possible and at reducing the amount of threat information that is classified to the lowest possible level.
“We simply have to work together. We have to play to our strengths and then figure out how we can combine those strengths,” said Comey.
“The FBI will do all we can to keep data, intellectual property and innovation safe and secure,” he said.
Comey said he believed the way forward is to find a way to get past current barriers by creating incentives to share information and assistance quickly and routine.
To support this goal, the FBI plans to set up a malware repository by the end of 2014 to work as a reference database in a similar way as existing databases of fingerprints and DNA samples.
Comey was appointed as FBI director in September 2013.