With U.S. companies losing billions of dollars to intellectual property theft, mostly to China, some are suggesting that corporations fight back. Can the government do more? Is "threat based deterrence" from the private sector the answer?
Should the private sector have the right to retaliate when its intellectual property is stolen via cyber-attack? Yes, according to a commission led by President Obama's former director of national intelligence, Dennis C. Blair.
American companies, including government contractors engaged in sensitive national security work, have lost billions of dollars of intellectual property and proprietary data to cyber-attacks. The number one culprit? China, responsible for as much as 80 percent of intellectual property theft worldwide.
According to the report by the Commission on the Theft of American Intellectual Property, led by Blair and former U.S. ambassador to China Jon Huntsman, China's national industrial policy goals encourage such theft. The result is what General Keith Alexander, commander of the U.S. Cyber Command and director of the National Security Agency, has called "the greatest transfer of wealth in history." It is comparable in scope to the annual level of all U.S. exports to Asia—more than $300 billion.
President Obama is scheduled to meet with Chinese president Xi Jinping in June to discuss cyber-espionage and other issues.
The Commission offers several recommendations to combat the problem of intellectual property theft.
Among them: Let companies fight back. The Commission supports allowing companies to develop countermeasures against targeted hackers. So-called “threat-based deterrence” could force potential hackers to conclude that the risks of engaging in intellectual property theft outweigh the benefits.
Critics maintain that policing cyberspace should remain the business of law enforcement. Empowering corporations to fight back against cyber-attacks, they say, might lead not to a solution but to a destabilizing escalation.
What do you think? Has the government proved itself unable to turn back the tide of intellectual property theft? Could companies do a better job of defending against cyber-attacks if they were allowed to employ "threat based deterrence"? What would be the ethical and practical repercussions, if any, of privatizing this battle?
For more information see:
David E. Sanger, "As Chinese Leader’s Visit Nears, U.S. Is Urged to Allow Counterattacks on Hackers," The New York Times, May 21, 2013
Tom Gjeleten, "U.S. Turns Up Heat On Costly Commercial Cybertheft In China," National Public Radio, May 7, 2013
David Silverman, "Commission wants to use malware to fight piracy," Seattle Post-Intelligencer, May 28, 2013
The IP Commission Report, The National Bureau of Asian Research, May 2013
Photo credits in order of appearance:
Xhacker
Jarrod Drake
Executive Office of the President of the United States
Office of the Director of National Intelligence
U.S. Navy
Jeff Geerling
bernissimo
IP Commission
Gage Skidmore
U.S. Department of Defense
National Security Agency
Jaxer
White House
marsmet526
ukaszSie
powtac
Fort Meade
marsmet543
Timothy McCormack
keiner
University of Maryland