Obama’s Attempt To Take Control Of The Internet

Obama has already seized control of the car companies and banks. He’s working on taking over health care. Next up, he wants to put the internet under his thumb:

Internet companies and civil liberties groups were alarmed this spring when a U.S. Senate bill proposed handing the White House the power to disconnect private-sector computers from the Internet.
They’re not much happier about a revised version that aides to Sen. Jay Rockefeller, a West Virginia Democrat, have spent months drafting behind closed doors. CNET News has obtained a copy of the 55-page draft (excerpt), which still appears to permit the president to seize temporary control of private-sector networks during a so-called cybersecurity emergency.

The new version would allow the president to “declare a cybersecurity emergency” relating to “non-governmental” computer networks and do what’s necessary to respond to the threat. Other sections of the proposal include a federal certification program for “cybersecurity professionals,” and a requirement that certain computer systems and networks in the private sector be managed by people who have been awarded that license.
“I think the redraft, while improved, remains troubling due to its vagueness,” said Larry Clinton, president of the Internet Security Alliance, which counts representatives of Verizon, Verisign, Nortel, and Carnegie Mellon University on its board. “It is unclear what authority Sen. Rockefeller thinks is necessary over the private sector. Unless this is clarified, we cannot properly analyze, let alone support the bill.”

Representatives of other large Internet and telecommunications companies expressed concerns about the bill in a teleconference with Rockefeller’s aides this week, but were not immediately available for interviews on Thursday.

…The Rockefeller proposal plays out against a broader concern in Washington, D.C., about the government’s role in cybersecurity. In May, President Obama acknowledged that the government is “not as prepared” as it should be to respond to disruptions and announced that a new cybersecurity coordinator position would be created inside the White House staff. Three months later, that post remains empty, one top cybersecurity aide has quit, and some wags have begun to wonder why a government that receives failing marks on cybersecurity should be trusted to instruct the private sector what to do.

Rockefeller’s revised legislation seeks to reshuffle the way the federal government addresses the topic. It requires a “cybersecurity workforce plan” from every federal agency, a “dashboard” pilot project, measurements of hiring effectiveness, and the implementation of a “comprehensive national cybersecurity strategy” in six months–even though its mandatory legal review will take a year to complete.

The privacy implications of sweeping changes implemented before the legal review is finished worry Lee Tien, a senior staff attorney with the Electronic Frontier Foundation in San Francisco. “As soon as you’re saying that the federal government is going to be exercising this kind of power over private networks, it’s going to be a really big issue,” he says.
Probably the most controversial language begins in Section 201, which permits the president to “direct the national response to the cyber threat” if necessary for “the national defense and security.” The White House is supposed to engage in “periodic mapping” of private networks deemed to be critical, and those companies “shall share” requested information with the federal government. (“Cyber” is defined as anything having to do with the Internet, telecommunications, computers, or computer networks.)

“The language has changed but it doesn’t contain any real additional limits,” EFF’s Tien says. “It simply switches the more direct and obvious language they had originally to the more ambiguous (version)…The designation of what is a critical infrastructure system or network as far as I can tell has no specific process. There’s no provision for any administrative process or review. That’s where the problems seem to start. And then you have the amorphous powers that go along with it.”
Translation: If your company is deemed “critical,” a new set of regulations kick in involving who you can hire, what information you must disclose, and when the government would exercise control over your computers or network.

There are very serious cybersecurity issues our country needs to deal with and we should be spending more time on them. However, even setting aside the constitutional issues presented here, this is not the approach we should be taking.

Quite frankly, the government does not have the expertise, common sense, or restraint necessary to handle this kind of legislation. That means if it were to go through, it would almost be guaranteed to expand over time. You can also be sure that this power would lead to abuse.

Moreover, it’s extremely ironic that this is even being proposed given all the carping we heard about the Patriot Act and some of the other tactics being used by the government over the last 8 years. This is considerably more dangerous and intrusive than anything that was done during the Bush years.

I’d also note that it’s not just “wags” who might “wonder why a government that receives failing marks on cybersecurity should be trusted to instruct the private sector what to do.” Why in the world any sane person would want a bunch of bureaucrats and geriatric geezers who can barely figure out how to double click a mouse writing obtrusive new regulations that will greatly affect something that has been as successful as the Internet is beyond me.

It may be impossible to keep the government’s tentacles completely out of the Internet, but the less they’re involved, the better. Conservatives and non-political tech junkies may disagree about a lot of things, but on this issue, we should be on the same team.

Permalinks


Share this!

Enjoy reading? Share it with your friends!

Send this to a friend