Even as Google debates discontinuing its operations in China, there are larger Internet security issues at stake, says information security expert John D’Arcy, assistant professor of information technology management at the University of Notre Dame.
“Aside from potentially leading to Google’s withdrawal from China, the country’s stance toward censoring Web traffic may have broader ramifications that may strain U.S – Chinese relations,” says D’Arcy, who conducts research on information security and computer ethics.
In January, the search giant announced that it had been the victim of a series of cyber attacks apparently originating in China. Google subsequently said that it would end the practice of censoring searches, which left its future in China uncertain.
“First, such censorship tactics are at odds with the Obama administration’s ‘net neutrality’ stance. Essentially, net neutrality means that all Internet traffic, including Web content, should be free from restrictions of any kind,” says D’Arcy. “The Obama administration strongly supports the freedom of the Internet, which was reiterated recently by U.S. Secretary of State Hillary Clinton.”
D’Arcy adds that U.S. cyber security officials are already quite suspicious of the Chinese when it comes to information technology issues and information security in particular. Cyber security officials have consistently shown evidence that a substantial number of cyber attacks on U.S business and government systems are originating from China.
The Ministry of Industry and Information Technology in China typically reviews Internet licenses in March. Google faces losing its license if it continues to refuse to filter search results on Google.cn. Such censorship tactics are consistent with China’s stance toward controlling Web content, says D’Arcy, citing the summer Olympic games in Beijing in 2008, when foreign journalists were denied access to certain Web sites that the Chinese government deemed unacceptable.
In recent research, D’Arcy has examined the effectiveness of procedural and technical security controls in deterring computer abuse. His studies also investigate individual and organizational factors that contribute to end-user security behavior in the workplace. D’Arcy teaches an MBA course on technology risk management and an undergraduate course on computer networking and security. After gaining a BS in Finance from The Pennsylvania State University, he worked the following four years as a cost accountant and then a financial systems analyst for Ford Motor Company. During that time, he earned an MBA from LaSalle University. He subsequently earned a PhD in Business Administration with a concentration in Management Information Systems from Temple University.