Security on the internet

Feb. 28, 2000
Seemingly unrelated events of the past few months and weeks combine to give the oil and gas industry a troubling view of the future.

Seemingly unrelated events of the past few months and weeks combine to give the oil and gas industry a troubling view of the future.

First there was the November 1999 fiasco in Seattle, in which protesting vandals thwarted negotiations of the World Trade Organization. More recently, computer vandals choked traffic on several popular sites on the worldwide web, including Yahoo! and e*Bay.

Expecting more

The Seattle disruption elevated direct action on the spectrum of political discourse. Christopher Rosch

"Seattle should serve as a wake-up call for what is likely to be an escalation of various types of direct-action campaigns against a wide range of large, multinational corporations in the coming year," he writes in Control Risk's newsletter Trendline. "Actions can range from nonviolent demonstrations and lobbying campaigns to the more violent attacks against property."

As a perennial target of political activists, the oil and gas industry should take that warning seriously. It has been the victim of direct action already, most notoriously when Greenpeace activists boarded Royal Dutch/Shell Group's Brent spar oil storage vessel in 1995 and prevented its being scuttled in the deep Atlantic.

For activists inclined toward direct action, the internet is a handy vehicle that offers the extra benefit of anonymity. The mayhem on Yahoo! and e*Bay showed what's technically possible. It also accelerated work by the US government on internet security programs, which in turn raised proper concern about limits to freedom of expression.

For the moment, direct action via the internet doesn't threaten much in the oil and gas business. Computer vandals-hackers, as they're called-might jam web sites of companies or trade groups. But relatively little industry business is conducted on the internet-so far.

That's changing rapidly. Electronic commerce is popping up everywhere in the industry. Countless web sites have appeared to handle transactions involving oil and gas equipment, information, leases, and producing properties. This magazine's web site has a rapidly developing e-commerce dimension.

Very soon, much of the industry's business will occur on the internet. There it will be exposed not just to the mischief of misfits who hack for fun but also to computer-savvy activists eager to impede industry operations however they can.

What to do? Obviously, companies must make security a top priority. The internet's core value is global reach. That means access to the bad and dangerous of the world as well as to the good and valuable. Development of firewalls, filters, and other protections must forever be part of electronic business.

Companies also should become more aggressive than they have been to date about defending themselves politically against direct action. They need to assert publicly that expression ceases to be protected freedom when it causes demonstrable harm.

It is one thing for environmental activists to publish antioil manifestos on their web sites or even in the "chat" areas of oil company sites. It is something quite different for activists trying to make a point to hack an e-commerce site handling, say, leasing transactions. The former is expression. The latter is crime.

Governments too soft

Governments have been too soft on crimes involving direct political action, especially by environmentalists. No proper jail sentences followed the reckless Greenpeace stunt with Brent spar. US President Bill Clinton rewarded the window-kicking hooligans in Seattle by declaring that their message needed to be heard.

In addition to shoring up electronic security, therefore, oil companies should resist such destructive tolerance by governments, which are supposed to enforce laws. Crimes are crimes. Even when environmentalists commit them. Even on the internet.