No words can adequately describe the tragedy of Tuesday, Sept. 11. But there can be action. And there certainly will be change. It was a gut-wrenching mix of personal concern and professional obligation under the worst of circumstances. As IT managers struggled to come to grips with the attacks in New York and Washington, many also worked overtime to ensure that their companies' systems and those of their clients and partners continued to run. The work is far from over, but already it's clear there will be far-reaching implications in the way IT is used and managed. The privacy debate may be forever altered: According to a survey of 2,000 business-technology professionals conducted by InformationWeek Research last week, 71% would be willing to trade more of their privacy for greater protection from terrorist threats. And security is more critical than ever. As the nation rebuilds, we welcome your thoughts, comments, and concerns at our Listening Post.

---

In the wake of last Tuesday's terrible events, calls for greater scrutiny of computers and electronic communications for signs of illegal activity are already being heard. The ease with which information can be shared globally, for all its good, also works to the advantage of terrorists, says Howard Perlmutter, professor emeritus of social architecture at the Wharton School of the University of Pennsylvania. The question is whether heightened surveillance will upset the delicate balance between legitimate law-enforcement efforts and individual privacy.

"The national dialogue about privacy of information and security of personal data is about to be altered inexorably," says Robert Rubin, CEO of Valley Management Consultants. "Our perception of appropriate individual rights of privacy will be modified to increase physical security for our loved ones and ourselves."

A large majority of business-technology managers (84%) believe that the U.S. government should increase its monitoring of global electronic communications, according to an online survey conducted late last week by InformationWeek Research. And 53% say Americans should give the government greater leeway to monitor domestic electronic communications. Also, 71% say personal privacy must be sacrificed in times of national crisis.

But privacy advocates fear that such changes would erode the personal liberty that underpins life in the United States. "The obvious reaction to the terrorist attack is to clamp down on security and perform more invasive searches," says Jason Catlett, president of Junkbusters Corp., a consumer privacy group. "A free society decides to place limits on what government agencies can do, and it would be a mistake to have a knee-jerk reaction to abandon those limits due to the recent tragedies."

Lisa Sipe, director of core business systems at American Power Conversion Corp. in West Kingston, R.I., agrees. She believes current laws are adequate. Nevertheless, she says, she expects some change, especially in the short term. "People may be rethinking the balance between their own individual liberties and a secure environment," Sipe says.

Electronic surveillance is already an integral part of law enforcement's arsenal of investigative tools. Last week, FBI officials asked for and received electronic records from at least four Internet service providers--AOL Time Warner, EarthLink, Microsoft's MSN and Hotmail services, and Yahoo--on subscribers believed to be linked to the attacks. In obtaining the records, the FBI exercised powers granted under the Foreign Intelligence Surveillance Act, which gives the government wide latitude in investigating suspected espionage or terrorist activity.

EarthLink says it hasn't installed monitoring equipment on its network and doesn't intend to, though it cooperates with law-enforcement officials on specific investigations. But the attacks are likely to give federal officials justification to continue or even expand surveillance techniques such as the FBI's controversial DCS-1000 technology, known as Carnivore, which, when attached to an ISP's server, can filter large amounts of E-mail to identify and capture messages to and from targeted suspects.

Many IT professionals acknowledge just how fragile the expectation of privacy is in the case of electronic communications such as E-mail, especially in the workplace, where internal monitoring is already common practice. "You give up your privacy when you join a firm," says Gary Douglas, supervisor of Web support at Andersen. "Any large company at this point is tighter with how workers surf the Web and what they use E-mail for, and I don't think that's going to change."

Texaco Inc. in White Plains, N.Y., doesn't routinely monitor employees' E-mail. "When we discover or have reason to believe that someone is using the facilities for purposes for which they weren't intended, then we try to take action against those individuals, rather than instituting more blanket policies that are difficult to police," says John Old, the energy company's director of information.

Still, some IT executives say it may be necessary to give up even more privacy if doing so will result in safeguarding lives. "I'd be willing to sacrifice some personal privacy for the greater safety of everyone," says Jason Lillie, a principal at NOC Builder Inc., a software and consulting-services firm in Plano, Texas. Whether it's through government eavesdropping, corporate monitoring, or viewing by service-provider employees, Lillie says, "when it's electronic, everything is very accessible."

Read, "Assessing The Impact (Part One)"