WASHINGTON -- If you've made a phone call, sent an email, paid a bill online, scanned a frequent shoppers card, updated your Facebook status or driven through a toll booth today, you've already created data points that hackers or government intelligence agents could use against you.
If policy makers don't restrict government surveillance programs, Americans could find themselves living in a police state before long, said Jody Westby, chief executive officer of Global Cyber Risk, LLC and a cybersecurity fellow at Carnegie Mellon University.
Ms. Westby was the keynote speaker Thursday at a panel discussion on cybersecurity at the exclusive Cosmos Club. The university convened the talk, "Hackers and Leakers," as part of its Washington Speaker Series, aimed at helping shape public policy while drawing attention to Carnegie Mellon's research contributions.
"People are not aware that every step and moment of their everyday life is either being photographed or videotaped, and every click is a digital fingerprint," Ms. Westby said.
She said Congress needs to commission a study about how the National Security Administration is using that information.
"I think they've been overstepping their bounds," and Congress is working on overhauling intelligence without understanding how data is already being used, she said.
She said most people think they have nothing to hide, but she cautioned about the potential for the NSA to use data points to create a misleading storyline in order to pursue criminal charges or justify additional surveillance.
Panelist Christopher Soghoian, senior technologist of the American Civil Liberties Union, said there is an inherent conflict in the government's interests in serving the intelligence community while protecting security.
"You cannot have a system that is easy to spy on also be a system that is secure. You have to pick one or the other," Mr. Soghoian said.
Ms. Westby said government surveillance capabilities are troubling and not consistent with the country's interests in freedom and personal privacy.
"Sure there's going to be some crimes committed. There may even be a terrorist attack that occurs, but that's always been the price of our society," she said.
Other speakers included David Brumley, an assistant professor in CMU's Electrical and Computer Engineering Department; Larry Clinton, president of the Internet Security alliance and Earl Crane of Promontory financial Group; and Matthew Scholl of the National Institute of Standards and Technology.
The hour-long discussion touched on identity theft, government surveillance and the conflict between security and privacy. The wide-ranging talk left audience members wanting more.
"We hope this spurs a series of more focused dialogues about the importance of cybersecurity," said Sharon Grant, CMU's senior director for external affairs, who started the speaker series six years ago. "When you have this kind of discussion -- a robust dialogue -- you're going to have a better outcome."
The goal isn't to lobby policymakers to move in any specific direction, but to help them make informed decisions on topical issues, she said.
"We are viewed by all parties as an honest broker, as doing cutting-edge research, and at thinking about these topics long before they become pressing," she said. "It's our hallmark that we think thoughtfully about real-world problems."
Research universities have a responsibility to share knowledge in a digestible way that informs sound public policy, and that's what CMU is trying to do with its speaker series, said Ms. Grant, a former Washington aide to Congressman Mike Doyle, D-Forest Hills.
That's important, Ms. Westby said. "I don't want these fools on the Hill to make decisions based on what they know, because right now they don't know enough," she said in an interview.
Previous Washington Speaker Series discussions focused on issues including climate change, rebuilding American cities, energy policy and infrastructure development.
Nearly 100 lobbyists, policy makers, congressional staffers, industry leaders, academics and alumni attended Thursday.
Washington Bureau Chief Tracie Mauriello: firstname.lastname@example.org, 703-996-9292 or on Twitter @pgpolitweets.