INTERNET INTERFERENCE FROM THE WHITE HOUSE UNDER THE
MICROSCOPE
4 September 2009
Users, internet companies and civil liberties
alike critical on draft law
The respected top political reporter for CNet News,
Declan McCullagh, wrote a fascinating update this week
on a little known law currently being drafted in the
United States which could hand the White House the power
to disconnect private-sector computers from the
Internet.
Such a contentious threat to the
freedom of the Internet was bound to attract the
attention of users, Internet companies and civil
liberties groups, who were alarmed this spring when news
of the controversial draft surfaced in Washington DC.
McCullagh reports that aides to Senator Jay
Rockefeller, a West Virginia Democrat, have spent months
drafting behind closed doors. CNet News obtained a copy
of the 55-page draft of S.773, which despite revision
still appears to permit the US president to seize
temporary control of private-sector networks in the
event of a "cybersecurity emergency."
"The new
version would allow the president to "declare a
cybersecurity emergency" relating to "non-governmental"
computer networks and do what's necessary to respond to
the threat," writes McCullagh. "Other sections of the
proposal include a federal certification program for "cybersecurity
professionals," and a requirement that certain computer
systems and networks in the private sector be managed by
people who have been awarded that license."
Larry Clinton, president of the Internet Security
Alliance, told McCullagh: "I think the redraft, while
improved, remains troubling due to its vagueness. It is
unclear what authority Sen. Rockefeller thinks is
necessary over the private sector. Unless this is
clarified, we cannot properly analyze, let alone support
the bill." The Alliance counts representatives of
Verizon, Verisign, Nortel, and Carnegie Mellon
University on its board.
Representatives of other
large Internet and telecommunications companies
expressed concerns about the bill in a teleconference
with Rockefeller's aides this week, McCullagh reported.
A spokesman for Senator Rockefeller approached
by McCullagh declined to comment on the record, saying
that many people were unavailable because of the summer
recess.
However, a Senate source familiar with
the bill compared the president's power to take control
of portions of the Internet to what President Bush did
when grounding all aircraft on September 11, 2001. The
source said that one primary concern was the electrical
grid, and what would happen if it were attacked from a
broadband connection.
McCullagh recalls that
when Rockefeller, the chairman of the Senate Commerce
committee, and Olympia Snowe, a Republican from Maine
introduced the original bill in April this year, they
claimed it was vital to protect national cybersecurity.
"We must protect our critical infrastructure at all
costs - from our water to our electricity, to banking,
traffic lights and electronic health records,"
Rockefeller said.
In May, President Obama
acknowledged that the government is "not as prepared" as
it should be to respond to cyber-disruptions and
announced that a new cybersecurity coordinator position
would be created inside the White House staff.
"Three months later, that post remains empty, one top
cybersecurity aide has quit, and some wags have begun to
wonder why a government that receives failing marks on
cybersecurity should be trusted to instruct the private
sector what to do," McCullagh trenchantly observes.
In his analysis of the proposed legislation,
McCullagh writes that Rockefeller's legislation seeks to
reshuffle the way the federal government addresses the
topic. It requires a "cybersecurity workforce plan" from
every federal agency, a "dashboard" pilot project,
measurements of hiring effectiveness, and the
implementation of a "comprehensive national
cybersecurity strategy" in six months - even though its
mandatory legal review will take a year to complete.
Lee Tien, a senior staff attorney with the
Electronic Frontier Foundation in San Francisco, told
McCullagh that the privacy implications of sweeping
changes implemented before the legal review is finished
worry him.
"As soon as you're saying that the
federal government is going to be exercising this kind
of power over private networks, it's going to be a
really big issue," he predicted.
Probably the
most controversial language begins in Section 201, which
permits the president to "direct the national response
to the cyber threat" if necessary for "the national
defense and security."
The White House is
supposed to engage in "periodic mapping" of private
networks deemed to be critical, and those companies
"shall share" requested information with the federal
government. ("Cyber" is defined as anything having to do
with the Internet, telecommunications, computers, or
computer networks.)
"The language has changed
but it doesn't contain any real additional limits,"
EFF's Tien says. "It simply switches the more direct and
obvious language they had originally to the more
ambiguous (version)...The designation of what is a
critical infrastructure system or network as far as I
can tell has no specific process. There's no provision
for any administrative process or review. That's where
the problems seem to start.
"And then you have
the amorphous powers that go along with it."
McCullagh adds: "Translation: If your company is deemed
"critical," a new set of regulations kick in involving
who you can hire, what information you must disclose,
and when the government would exercise control over your
computers or network."
The Internet Security
Alliance's Clinton adds that his group is "supportive of
increased federal involvement to enhance cyber security,
but we believe that the wrong approach, as embodied in
this bill as introduced, will be counterproductive both
from an national economic and national secuity
perspective."
McCullagh subsequently managed to
squeeze a comment from Jena Longo, deputy communications
director for the Senate Commerce committee, who said in
a statement:
"The president of the United States
has always had the constitutional authority, and duty,
to protect the American people and direct the national
response to any emergency that threatens the security
and safety of the United States.
"The
Rockefeller-Snowe Cybersecurity bill makes it clear that
the president's authority includes securing our national
cyber infrastructure from attack. The section of the
bill that addresses this issue, applies specifically to
the national response to a severe attack or natural
disaster.
"This particular legislative language
is based on longstanding statutory authorities for
wartime use of communications networks.
"To be
very clear, the Rockefeller-Snowe bill will not empower
a "government shutdown or takeover of the Internet" and
any suggestion otherwise is misleading and false. The
purpose of this language is to clarify how the president
directs the public-private response to a crisis, secure
our economy and safeguard our financial networks,
protect the American people, their privacy and civil
liberties, and coordinate the government's response."
http://news.cnet.com/8301-13578_3-10320096-38.html
Online Casino News Courtesy of
Infopowa
More news here.
Top of page |
Home |
News |
Forum |
Webcast |
Vortran |
Accredited Casinos |
Evil Ones |
Pitch a Bitch |
Online Gambling Resources |
Poker
|
|
