Cyber plan would give president kill switch power, senators warn

A 77-year-old law passed long before the advent of the Internet or even commercial TV could give the president dangerously broad authority over the Internet during a crisis, two senators warned Monday.

Proposed cybersecurity legislation released by the Obama administration earlier this month is similar to legislation now pending in the Senate, but it does not contain the explicit emergency powers contained in the bill introduced by Joseph I. Lieberman (I-Conn.) and Susan M. Collins (R-Maine).

“The administration appears to be relying on potentially sweeping authority in the outmoded Telecommunication Act of 1934,” Collins said. “This authority is far broader than the authority in our bill,” which she said “carefully constrains” the president’s power over the Internet.


Related stories:

Under cybersecurity plan, agencies would answer to DHS

Lieberman's new cybersecurity bill forbids a kill switch


Lieberman and Collins, the chairman and ranking member, respectively, of the Senate Homeland Security and Governmental Affairs Committee, held a hearing May 23 on the White House proposal. A panel of officials from the Homeland Security, Defense and Justice departments, and the National Institute of Standards and Technology, made the first in a round of appearances before congressional committees to support the proposal.

Philip R. Reitinger, who was making his farewell appearance before the committee as the outgoing deputy undersecretary for the DHS National Protection and Programs Directorate, acknowledged that the 1934 law was not designed for the current environment. But he said that “we would use the authority that it brings to bear in the right way.”

He characterized the president’s proposal not as a bill, but as the administration’s input into the legislative process, and said that presidential authority during a cyber emergency is one of the areas that would need to be negotiated.

Lieberman and Collins each cited a litany of recent computer breaches in government and the private sector to illustrate the need for improving the nation’s cybersecurity posture.

“We urgently need to pass strong cybersecurity legislation,” Lieberman said. “If we don’t do something soon, the Internet is going to become a digital Dodge City.”

Lieberman and Collins introduced a bill in the last Congress that did not move to the Senate floor for a vote, and have reintroduced legislation this year. Lieberman said that Senate Majority Leader Harry Reid (D-Nev.) has made cybersecurity a priority in this session and is working with the Republicans leadership and with leaders in the six Senate committees claiming jurisdiction over the issue to ensure passage this year.

The administration proposal released May 12 now is a part of those negotiations. Under both proposals, DHS would oversee cybersecurity in civilian government agencies and would have a more clearly defined role in protecting privately owned critical infrastructure. The approach to critical infrastructure protection would be a risk-management approach based on incentives and rewards.

“Cyberspace is not a place that is amenable to prescriptive, top-down regulation,” Reitinger said.

In the government arena, DHS would have the assistance of DOD but would remain in charge of civilian systems while DOD defended the .mil environment. The two departments have signed a memorandum of agreement for sharing information and resources. Robert J. Butler, DOD deputy assistant secretary for cyber policy, affirmed at the hearing that DHS has the lead. However, “DOD has unparalleled cybersecurity expertise,” said Reitinger.

Both bills would move policy and oversight under the Federal Information Security Management Act from the Office of Management and Budget to DHS, where it could be collocated with the operational activities of DHS.

In addition, the administration proposal would make existing criminal laws, including the Racketeering Influenced and Corrupt Organization statute, explicitly applicable to cybercrime, said Jason C. Chipman, senior counsel to the deputy attorney general.

Where the Senate and White House proposals differ is in executive branch authority and legislative branch oversight. The Senate bill would create an Office of Cybersecurity Coordinator in the White House, similar to position one now held by Howard Schmidt but requiring Senate confirmation.

“Whoever holds that position should be accountable to Congress,” Lieberman said.

The original Lieberman-Collins bill created controversy because of what critics called a “kill switch” provision that would have given the president authority over portions of the Internet during an emergency. This section was rewritten in the current bill to define the limits of the president’s authority and require congressional oversight.

Leaving these provisions out of the administration proposal would leave the president with far greater authority than that contained in the Senate bill, Collins said. She said the 1934 law, which applies to radio stations and which the administration has said gives the president authority over any communications infrastructure in an emergency, allows the president to shut down, take over or confiscate the equipment of stations.

“The president’s authority under this law is enormously broad,” she said, and she questioned why the administration would propose relying on it without updating it.

Both Reitinger and Chipman said the issue is open for negotiation. “It merits discussion,” Chipman said.

 

Reader Comments

Sat, May 28, 2011 Tom West Coast

If these misguided senators want to allow the president to disconnect a bunch of government agencies from the Internet on a whim, so be it. But leave the rest of the Internet alone. For instance, can you imagine the chaos in the nation's Emergency Rooms when the doctors cannot get patient history information in a timely fashion? You are going to have a bunch of deaths from the inevitable mistakes in drug administration. I have seen it happen due to a local server failure. You cannot imagine what it would be like nationwide. At any given time we could kill thousands of people within hours. But, the Internet would be safe.

Thu, May 26, 2011

Near as I can tell nowadays for either the President or Congress to do something they want to do doesn't require a law, it only requires a carefully constructed set of lies to justify whatever they want to do. I can complain about powers that are way out of control all I want - in the end those (*expletive deleted*)in Washington will do whatever they can get away with whenever they want and once the damage is done there is no way to un-do it.

Wed, May 25, 2011

Well, all of the other Dictators have this capability within their country so why not provide this power to the Clown we elected?

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above