Proposed Legislation Would Give President Expanded Power Over Internet

For all the whining and complaining about the Bush executive branch expanding its power, it appears now the Senate, at least in the guise of one Senator Jay Rockefeller, can’t wait to expand this president’s power.

In this case, the expansion of power is in the name of “cyber security”. And FYI, “cyber” is defined as anything having to do with the Internet, telecommunications, computers, or computer networks. Proposed is the following which is actually a rewrite of a previous attempt:

The new version would allow the president to “declare a cybersecurity emergency” relating to “non-governmental” computer networks and do what’s necessary to respond to the threat. Other sections of the proposal include a federal certification program for “cybersecurity professionals,” and a requirement that certain computer systems and networks in the private sector be managed by people who have been awarded that license.

Vague language, expanded power, expanded control – all the things with which any civil liberties watchdog would be concerned. When Rockefeller and Republican Olympia Snowe introduced the original bill, this was their declared reason:

“We must protect our critical infrastructure at all costs–from our water to our electricity, to banking, traffic lights and electronic health records,” Rockefeller said.

Yes we must, but it isn’t clear why government could do that better than private firms who would have just as invested an interest in security as would the government or why such security must be extended to the entire “non-governmental computer networks”, i.e. the internet.

Proponents liken the power to literally shut down the internet in an emergency to the power President Bush exercised to ground all aircraft in the wake of the 9/11 attacks.

Really? Given the state of cyber security, we couldn’t be much more precise than that?

Probably the most controversial language begins in Section 201, which permits the president to “direct the national response to the cyber threat” if necessary for “the national defense and security.” The White House is supposed to engage in “periodic mapping” of private networks deemed to be critical, and those companies “shall share” requested information with the federal government.

“The language has changed but it doesn’t contain any real additional limits,” EFF’s Tien says. “It simply switches the more direct and obvious language they had originally to the more ambiguous (version)…The designation of what is a critical infrastructure system or network as far as I can tell has no specific process. There’s no provision for any administrative process or review. That’s where the problems seem to start. And then you have the amorphous powers that go along with it.”

“Shall share?” For all intents and purposes, that makes those “private networks” so identified as anything but private. And, arbitrarily, just about any or all networks could be designated “critical” couldn’t they?

Cnet gives us the translation of what that means:

If your company is deemed “critical,” a new set of regulations kick in involving who you can hire, what information you must disclose, and when the government would exercise control over your computers or network.

How could that possibly be abused?

Again, we see the expansion of government power in a way which intrudes, imposes regulation and, in the end, controls. While “cyber security” is certainly important, it can be managed in a much less controlling and intrusive way than this. Like the health care insurance reform bill, this is one which needs to be torn up and the entire process started over again.