Democratic computer security specialist Ira Winkler is disgusted over the Senate Judiciary Committee memo controversy — not with Republicans, but with his own party. As he explains, there was no “hacking” or stealth effort to access the files. They were left open for all to see: “This is not the electronic equivalent of physical breaking and entering, as it was portrayed by many senators and newspapers. What happened in the Senate Judiciary Committee was the electronic equivalent of leaving the files in the Capitol rotunda.”
Winkler argues Senate Democrats were extremely negligent in failing to protect their allegedly confidential files, even though federal law requires private companies to take affirmative steps to protect confidential material.
Not surprisingly, Congress has adopted laws for the private sector that it now ignores when concerning itself. The Economic Espionage Act requires information to be protected to the same extent that one seeks to classify it as a secret or claim legal protection. Given the outrage expressed by senators, it is clear they wanted the information to be secret. But if information is left as unprotected in public or healthcare-related businesses as it was by the Democrats, corporate executives could be heavily fined or go to jail under HIPAA (Health Insurance Portability and Accountability Act), Sarbanes-Oxley, or GLBA (Gramm-Leach-Bliley Act) regulations.
While concern over political ethics in the Senate is important, it is a non-issue compared to this poster child for gross negligence in computer-security. Senators want to shun basic responsibilities that they impose on the private sector by making scapegoats over borderline ethical issues, instead of taking responsibility for the negligence this story tells. The public should be outraged that the Senate has spent hundreds of hours and countless dollars deflecting blame when inexpensive measures could have been easily taken. This story isn’t Memogate.