By Susan Brinkmann, OCDS
Alarms are being sounded over a Senate bill that will grant the White House the power to disconnect private-sector computers from the Internet in the event of an emergency.
Sen. Jay Rockefeller (D-WV) has been drafting the bill behind closed doors for months and would allow the president to “declare a cybersecurity emergency” relating to “non-governmental” computer networks and do whatever is necessary to respond to the threat.
According to CNET.News, which obtained a copy of the 55 page bill, it also proposes a federal certification program for “cybersecurity professionals” and a requirement that certain computer systems and networks in the private sector be managed only by people who have these licenses.
Larry Clinton, president of the Internet Security Alliance, which includes internet giants such as Verizon, Verisign, Nortel and Carnegie Mellon on its board, called the bill “troubling” due to its vagueness.
“It is unclear what authority Sen. Rockefeller thinks is necessary over the private sector,” Clinton told CNET. “Unless this is clarified, we cannot properly analyze, let alone support the bill.”
Senate sources familiar with the bill claim it will give the president power to control portions of the Internet similar to what President Bush did when he grounded all aircraft on Sept. 11, 2001. However, in this case, it would be used to counter a cybersecurity breach, something the Obama administration has admitted it is not as prepared as it should be to address. For this reason, the president announced the establishment of a new cybersecurity coordinator position three months ago but the position remains unfilled and a top cybersecurity aide has already quit.
The most controversial language in the bill is in Section 201, which permits the president to “direct the national response to the cyber threat” if necessary for “the national defense and security.” The White House will engage in “periodic mapping” of private networks deemed to be critical, and those companies “shall share” requested information with the federal government. (“Cyber” is defined as anything having to do with the Internet, telecommunications, computers, or computer networks.)
In other words, if a company is deemed “critical,” it will mean a new set of regulations about who can be hired, what information must be disclosed, and when the government can exercise control over its computers or network.
While Clinton says his group is supportive of federal involvement in cyber security, “we believe that the wrong approach, as embodied in this bill as introduced, will be counterproductive both from an national economic and national security perspective.”
© All Rights Reserved, Living His Life Abundantly®/Women of Grace® http://www.womenofgrace.com