The Clinton administration yesterday offered a revised plan for improving the security of government computer systems, after criticism that an earlier proposal to monitor Internet activity would erode the privacy of computer users.
The original plan for the Federal Intrusion Detection Network, or Fidnet, created an uproar this summer among civil libertarians and others who complained that the system could be used to track people who contacted government agencies online.
Among the loudest critics were GOP leaders on Capitol Hill, who fired off letters to President Clinton and Attorney General Janet Reno, saying the proposal "raises the Orwellian possibility" that government bureaucrats could misuse the information.
Under that earlier proposal, Fidnet would have used an array of software to seek out patterns of activity that might indicate the insertion of a computer virus or an intrusion by a hacker, terrorist or foreign government. Upon detection, such patterns would have been automatically relayed to a central monitoring site at the Federal Bureau of Investigation.
The new plan, submitted to Congress in an amended budget request, would limit the scope of data collection and analyze only activity on government computers that seems suspicious, according to administration officials.
No information about the use of government computers online will automatically be sent to the FBI or other law enforcement agencies, officials said. Instead, data will be forwarded only when a government agency believes it has identified suspicious activity, officials said.
In addition, the Fidnet system will not create new links to private computer systems, as some critics had feared, according to officials who helped draft the proposal. It will focus on training experts at each federal agency to identify computer intrusions, the officials said.
Peter P. Swire, the administration's privacy counselor, said the revised proposal attempts to protect both privacy and the security of government computers.
"Fidnet will help assure that critical government computer system have the same protections that have become standard in the private sector," Swire said.
Officials at the National Security Council, which drew up the original plans for the system, said the administration's plan also calls for a "federal cyber service training" initiative that would develop a much larger group of government security experts.
NSC spokesman David Leavy said the proposal now reflects some of the concerns of critics.
"The president determined the threat to the nation's computers and critical infrastructure is one of the main challenges in the next century," Leavy said. "This proposal balances the efforts to safeguard our national security with the need for privacy."
A civil liberties activist applauded the new proposal, particularly the limits on automatic data collection.
"It seems to be a significant refocusing for the better," said James X. Dempsey, senior staff counsel at the Center for Democracy and Technology, a nonprofit public policy group in Washington that had criticized the draft proposal. "The role of the FBI has returned to what it should be, which is the investigation of apparent crimes."
The administration request, a modification of the fiscal 2000 budget that Clinton sent to Congress in February, asks for an additional $39 million to fund an array of programs for "Critical Infrastructure Protection," including about $8.4 million for the Fidnet initiative. Administration officials said the proposal is fully paid for by offsets in other areas.