US Senate cyber security bill sparks debate, "internet takeover" fears

Picture 15.jpg

drudge-siren.gif

Well, this little viral number didn't take long to become the stuff of screaming Drudge sirens. So, over at CNET, Declan McCullagh wrote about an update to a cybersecurity bill that first circulated this spring. In his interpretation of the bill (which I haven't read in entirety, full disclosure), Declan says the bill gives the White House new power to unplug private-sector computers from the Internet in the case of national emergency. Snip:

[Critics of the earlier bill are] not much happier about a revised version that aides to Sen. Jay Rockefeller, a West Virginia Democrat, have spent months drafting behind closed doors. CNET News has obtained a copy of the 55-page draft of S.773 (excerpt), which still appears to permit the president to seize temporary control of private-sector networks during a so-called cybersecurity emergency.

The new version would allow the president to "declare a cybersecurity emergency" relating to "non-governmental" computer networks and do what's necessary to respond to the threat. Other sections of the proposal include a federal certification program for "cybersecurity professionals," and a requirement that certain computer systems and networks in the private sector be managed by people who have been awarded that license.

Bill would give president emergency control of Internet (CNET).

Commenting on this article, ZDNET's Sam Diaz argues that the White House is not equipped to hold the keys (where are these magical keys, btw?). "The argument that the government is ill-equipped and shouldn't be trusted with the such far-reaching power is no joke."

At the Atlantic, Mark Armbinder counters that Skepticism [is] Warranted — But Nuance Needed.

A few things to keep in mind. One: the president already has the authority to shut down parts of the Internet in emergencies.

The bill restates the power and expands it to make sure that any system that is too big to fail cannot be allowed to fail at the expense at the rest of the system. The analogy the bill's authors use is that of the president's power to order all aircraft to land in the event of a systemwide emergency. That power is — powerful! — but we're generally OK with it. The Internet, of course, is different, in kind and expanse. There's a broad sense that it should be free, unfettered, and allowed to evolve on its own. There's a broad sense that the Internet is to citizens today what guns were to civillian militias of the founding era — the trenchline against tyranny. (Editorial note: I agree.)

Maybe the White House should have this power in extreme emergencies, but it had better be clear about what those emergencies entail, and it had better accept accountability if it oversteps its authority. There is, aside from the obvious definitional issues, an inherent trade-off in codifying this power, and it's going to be tough to find a balance that satisfies everyone.

So far most of what I'm seeing in the way of online discussion around this *draft* bill (it's not yet law, guys) involves meta debates around authoritarianism and "is Obama Hitler," plus a lot of rehashing of boilerplate Libertarian and Republican talking points. I'm less interested in those thread-wars, and more interested in better understanding the murky technical details under discussion. I'll be reading what I can find over the weekend, but welcome your thoughts in the comments. No sirens plz.