A bill pending in Congress, The Cybersecurity Act of 2009, sponsored by John Rockefeller (D) and Olympia Snowe (R) attempts to deal with very real threats to the nation’s cyber-infrastructure. Attacks on military, government and civilian cyber-infrastructure are all too real, and it is time the nation woke up to the problem.
But one provision in the bill has received scant attention, other than an article in Mother Jones (via Memeorandum). The provision allows the President to declare a cyber emergency, shut down the internet, and access almost any cyber-information. The President may
declare a cybersecurity emergency and order the limitation or shutdown of internet traffic to and from any compromised Federal government or United States critical infrastructure information system or network” (Sec. 18(2))
The term “United States critical infrastructure information system or network” includes federal, state and local governmental, and non-governmental systems or networks. In other words, everything. (Sec. 23(3)) The President also
shall have access to all relevant data concerning such networks without regard to any provision of law, regulation, rule or policy restricting such access. (Sec. 14(b)(1))
The standards in the Act as to what constitutes an emergency, and what the President can do with the information, are unacceptably vague. While cyber-security is increasingly important, I worry about giving such sweeping powers to ANY President, much less one who already has created a cult of personality enabled, in part, by an adoring media.
And with Rahm Emanuel, John Podesta, and James Carville at the President’s side, we all can sleep peacefully knowing that the information gathered through this program will not be used for political purposes.
Remember all the fury from the Left over the Patriot Act and other attempts to give the government the ability to intercept communications believed to be between terrorists? Or to provide immunity to telecommunications companies which cooperate with the government? Why the silence here from the always-critical-of-anything-which-makes-us-safer blogs and public interest groups?
ACLU, HuffPo, Talking Points Memo, Glenn Greenwald, FireDogLake, Ezra Klein, etc. – Where are you?
UPDATE: Apparently the techies were onto this before the rest of us. E-week (h/t Libertarian Republican) has a good discussion of the bill and notes the unintended consequences of homogenizing cyber-security infrastructure:
The bill would also impose mandates for designated private networks and systems, including standardized security software, testing, licensing and certification of cyber-security professionals.
“Requiring firms to get government approval for new software would hamper innovation and would have a negative effect on security,” Nojeim said. “If everyone builds to the same standard and the bad guys know those standards it makes it easier for the bad guys.”