Bill would give president emergency control of Internet
CNET
Internet companies and civil liberties groups were alarmed this spring when a U.S. Senate bill proposed handing the White House the power to disconnect private-sector computers from the Internet.
They’re not much happier about a revised version that aides to Sen. Jay Rockefeller, a West Virginia Democrat, have spent months drafting behind closed doors. CNET News has obtained a copy of the 55-page draft of S.773 (excerpt), which still appears to permit the president to seize temporary control of private-sector networks during a so-called cybersecurity emergency.
The new version would allow the president to “declare a cybersecurity emergency” relating to “non-governmental” computer networks and do what’s necessary to respond to the threat. Other sections of the proposal include a federal certification program for “cybersecurity professionals,” and a requirement that certain computer systems and networks in the private sector be managed by people who have been awarded that license.
“I think the redraft, while improved, remains troubling due to its vagueness,” said Larry Clinton, president of the Internet Security Alliance, which counts representatives of Verizon, Verisign, Nortel, and Carnegie Mellon University on its board. “It is unclear what authority Sen. Rockefeller thinks is necessary over the private sector. Unless this is clarified, we cannot properly analyze, let alone support the bill.”
Representatives of other large Internet and telecommunications companies expressed concerns about the bill in a teleconference with Rockefeller’s aides this week, but were not immediately available for interviews on Thursday.
A spokesman for Rockefeller also declined to comment on the record Thursday, saying that many people were unavailable because of the summer recess. A Senate source familiar with the bill compared the president’s power to take control of portions of the Internet to what President Bush did when grounding all aircraft on Sept. 11, 2001. The source said that one primary concern was the electrical grid, and what would happen if it were attacked from a broadband connection.
When Rockefeller, the chairman of the Senate Commerce committee, and Olympia Snowe (R-Maine) introduced the original bill in April, they claimed it was vital to protect national cybersecurity.
“We must protect our critical infrastructure at all costs–from our water to our electricity, to banking, traffic lights and electronic health records,” Rockefeller said.
The Rockefeller proposal plays out against a broader concern in Washington, D.C., about the government’s role in cybersecurity. In May, President Obama acknowledged that the government is “not as prepared” as it should be to respond to disruptions and announced that a new cybersecurity coordinator position would be created inside the White House staff. Three months later, that post remains empty, one top cybersecurity aide has quit, and some wags have begun to wonder why a government that receives failing marks on cybersecurity should be trusted to instruct the private sector what to do.
Rockefeller’s revised legislation seeks to reshuffle the way the federal government addresses the topic. It requires a “cybersecurity workforce plan” from every federal agency, a “dashboard” pilot project, measurements of hiring effectiveness, and the implementation of a “comprehensive national cybersecurity strategy” in six months–even though its mandatory legal review will take a year to complete.
The privacy implications of sweeping changes implemented before the legal review is finished worry Lee Tien, a senior staff attorney with the Electronic Frontier Foundation in San Francisco.
“As soon as you’re saying that the federal government is going to be exercising this kind of power over private networks, it’s going to be a really big issue,” he says.
Probably the most controversial language begins in Section 201, which permits the president to “direct the national response to the cyber threat” if necessary for “the national defense and security.” The White House is supposed to engage in “periodic mapping” of private networks deemed to be critical, and those companies “shall share” requested information with the federal government. (“Cyber” is defined as anything having to do with the Internet, telecommunications, computers, or computer networks.)
“The language has changed but it doesn’t contain any real additional limits,” EFF’s Tien says. “It simply switches the more direct and obvious language they had originally to the more ambiguous (version)…The designation of what is a critical infrastructure system or network as far as I can tell has no specific process. There’s no provision for any administrative process or review. That’s where the problems seem to start. And then you have the amorphous powers that go along with it.”
Translation: If your company is deemed “critical,” a new set of regulations kick in involving who you can hire, what information you must disclose, and when the government would exercise control over your computers or network.
The Internet Security Alliance’s Clinton adds that his group is “supportive of increased federal involvement to enhance cyber security, but we believe that the wrong approach, as embodied in this bill as introduced, will be counterproductive both from an national economic and national secuity perspective.”
CNET News has obtained a copy of the 55-page draft (excerpt), which still appears to permit the president to seize temporary control of private-sector networks during a so-called cybersecurity emergency.
http://www.politechbot.com/docs/rockefeller.revised.cybersecurity.draft.082709.pdf
S.773 – Cybersecurity Act of 2009
http://www.opencongress.org/bill/111-s773/show
4/1/2009–Introduced.Cybersecurity Act of 2009 – Directs the President to establish or designate a Cybersecurity Advisory Panel to advise the President. Defines “cyber” as: (1) any process, program, or protocol relating to the use of the Internet or an intranet, automatic data prCloseOfficial Summary4/1/2009–Introduced.
More at link
Someone with a conscience maybe???????? I wonder why she quit her job???
August 4, 2009
WH on resignation of Cybersecurity adviser Melissa Hathaway
Major Garrett
FOX News White House blog
A White House official tells Fox that cyber security adviser Melissa Hathaway leave her post on August 21,2009.
The White House, through spokesman Nick Shapiro, denies her departure will complicate the already slow process of appointing a cybersecurity coordinator (the WH doesn’t call it a czar). It’s been 2 months since President Obama announced his intention to name the coordinator/czar and Hathaway’s departure is related to frustration over the delay.
Hathaway has been on detail to the National Security Staff from the Office of the Director of National Intelligence. Her initial assignment was up on 9 April and her second detail goes through 9 August. She will stay in her current assignment of Acting Senior Director for Cyberspace until August 21st.
“We are grateful for her dedicated service and for the significant progress she and her team have made on our national cybersecurity strategy,” Shapiro said. “Cybersecurity is a major priority for the President which is why shortly after taking office he directed his National Security Council and Homeland Security Council to conduct a top-to-bottom review of the federal government’s efforts to defend our information and communications infrastructure and to recommend the best way to secure these networks and our prosperity. The White House released the report and announced the creation of a cyber security coordinator who will have direct access to the President and that the Obama administration is pursuing a new comprehensive approach to securing America’s digital infrastructure. The President is personally committed to finding the right person for this job, and a rigorous selection process is well underway.”
Call for White House Control of Security
New York Times, The (NY) – Thursday, April 23, 2009
Author: JOHN MARKOFF Thom Shanker contributed reporting from Washington.
“It requires leading from the top: from the White House, to departments and agencies, state, local, tribal governments, the C-Suite, and to the local classroom and library,” said the official, Melissa Hathaway, who was named acting senior director for cyberspace by President Obama and given responsibility for a 60-day review of the issues surrounding cyberspace threats.
There are now at least three camps involved in the decision that the president will make about control of cybersecurity, Mr. Lewis said: traditional national security policy analysts who are not focused on the cyberthreat; intelligence and military agencies that are seeking to consolidate power and influence over cyberpolicy; and an influential group that has said stricter cybersecurity regulations could damage innovative Internet industries associated with Silicon Valley.
“We didn’t expect the Googles of the world coming in and saying, this makes us nervous,” he said.
Several former government executives said they saw the early influence of the Obama administration on Ms. Hathaway ‘s speech.
Cyber -security czar quits after administration’s delays in finding successor
Seattle Post-Intelligencer (WA)
Tuesday, August 4, 2009
For several months, the Obama administration’s promise to make cyber -security a national priority has felt like a New Year’s resolution to start going to the gym: you really mean to start, but you just never get to it.
And as a result of that, now the country’s top cyber -security seat is going to start getting dusty. The Obama administration cyber -security czar Melissa E. Hathaway announced on Monday she will resign, apparently fed up of waiting for the president to name her successor.
“I wasn’t willing to continue to wait any longer because I’m not empowered right now to continue to drive the change,” Hathaway told The Washington Post.
Hathaway was the top aide on cyber -security under the Bush administration and was asked to remain in the post to lead a 60-day review of cyber -security policies after Obama was elected.
But Hathaway had been spinning her wheels ever since, The Wall Street Journal reported. She apparently became ostracized after suggesting regulating some private-sector entities’ networks and, well, the Bush administration’s former aide probably wasn’t the most popular girl in the new school.
.
Wild Thing’s comment……..
This would be suicide..political and otherwise. Obama like all tyrants,wants total control over speech. This is a blatant attempt by the government to control all forms of communication. We aren’t to know anything other than what the government tells us. If Obama stays in power much longer, the government will control talk radio and the Internet.
….Thank you Mark for sending this to me.
Mark
3rd Mar.Div. 1st Battalion 9th Marine Regiment
1/9 Marines aka The Walking Dead
VN 66-67
The feds already have that option, it’s called Martial Law. This radical SOB only wants more power for the Emmanuel brothers to weild.
Control of all private communications will make it difficult for we the people to unite in opposition to a total power grab by an out of control government like the one we have now. The internet and talk radio are at the forefront of spreading information contrary to the WH bullshit we get from Gibbs et al.
I am still wondering what obama’s plans are for gun control and confiscation. He has been very quiet about guns, but in the campaign he let us know that Chicago style gun laws were in his plans.
Jack, yes that is true, it is already there
to use.
Tom, me too, I am hoping there will be
enough democrats that will want to keep
their guns to keep Obama from getting the
gun control thing passed.