Editorial: Think Before You Click

We got an e-mail last week from a former ‘B&C’ employee who was stuck in London, having just had all her cash and credit cards stolen and getting no help from the police. Likely, this is starting to sound familiar to many out there.

It is amazing how many people have gone to London only to be mugged, get no help from the constabulary, then sent e-mails to friends on their contact list written in awkward English as though it is not the speaker’s first language. “I’m writing with tears in my eyes,” began the e-mail, sounding more like the translation of the opening to an Isaac Bashevis Singer short story than any friends of ours, before lurching toward a close, dropping articles and wounding syntax on the way.

Of course, it is an online phishing expedition currently making the rounds, but it is surprising how many people wind up falling for these scams, and far worse. (P.S. If an African government official asks you to safekeep $10 million for him, don’t.) In fact, at an FCC forum last week, the former head of the Department of Homeland Security, Michael Chertoff, said he too had been contacted by a friend who had had their wallet stolen in London, etc.

Falling prey to cyberscams and crimes is bad enough for individuals, but it can be catastrophic for companies and governments.

That is why we were pleased to see the FCC launching its cybersecurity education campaign last week. It is initially targeted to small businesses because they are the primary drivers of jobs and securers of innovative patents, the FCC suggested— with innovation and job creation being the twin mantras of this broadband-centric commission. But the advice applies to anyone having to deal regularly online—which, let’s face it, is just about everyone in business and elsewhere these days.

And education is the key here, rather than government- posed online protection regimes. The same goes with issues like online targeted marketing. Just as we don’t want government filtering our e-mails, the Internet, to remain free—as in supported by advertisers and marketers wishing to reach consumers—must be able to offer ads that take advantage of its unique power to target. It’s vital for everyone to work together to insure that that target is not a bull’s eye on our financial and personal information.

We were also pleased last week to find that the White House is proposing a cybersecurity protection public-private partnership with critical infrastructure companies that would avoid a top-down, government-imposed regime. Instead, the administration is proposing to have the Department of Homeland Security work with those critical infrastructure industries to come up with their own cybersecurity framework, with an outside civil liberties review for any information that needs to be shared with government.

The details are yet to be worked out, so we will reserve judgment until we see how much government stick there is behind the carrot of that self-regulatory system, particularly since an administration official signaled to reporters last week that DHS will be able to impose a framework on companies that are not forthcoming with their own. But the problem is a real one, and the solution will have to come from a team effort. The National Cable & Telecommunications Association, for one, weighed in against a government-imposed regime; the government appears to have listened.

While the administration has yet to identify the critical infrastructure that would need to be a government partner, it will undoubtedly include cable ISPs, given that “cyber” is part of their job description as among the largest providers of Internet access service.

We would argue the sophisticated “Wild West” of Internet hacking and spamming is one reason the FCC should give cable operators and other ISPs wide latitude to manage their networks to prevent malware and viruses and such phishing trips that wind up hooking not only the gullible and generous-natured but vulnerable seniors and the momentarily inattentive, given how sophisticated some of these techniques have become.

The FCC’s network neutrality rules allow for such management, but interpretation is still open to question. From all we hear out of the White House and the FCC, they are making a strong case for giving ISPs plenty of room to prevent our fake friends from stealing our real wallets and business models.