|COMMENT By Bob Weaver|
This is a continuing series of articles about government action taken while you were sleeping, everything from President George Bush assuming power over the state's National Guard units for federal call-up (state's once had to make the decision) to placing computer chips in your car that indicates your driving skills and habits.
Following several years of unprecedented invasion of personal privacy in America, now comes a new bill that is working its way through Congress.
The Cybersecurity Act of 2009, introduced by Senators Jay Rockefeller (D-WV) and Olympia Snowe (R-ME).
The bill has several risks giving the federal government unprecedented power over the Internet without necessarily improving security in the ways that matter most.
The bill would allow the federal government to shut down the Internet in times of declared emergency, and enables unprecedented federal oversight of private network administration.
The bill's draft states that "the president may order a cybersecurity emergency and order the limitation or shutdown of Internet traffic" and would give the government ongoing access to "all relevant data concerning (critical infrastructure) networks without regard to any provision of law, regulation, rule, or policy restricting such access."
Authored by Democratic Sen. Jay Rockefeller of West Virginia and Republican Olympia Snowe of Maine, the Cybersecurity Act seeks to create a Cybersecurity Czar to centralize power now held by the Pentagon, National Security Agency, Department of Commerce and the Department of Homeland Security.
Proponents of the measure stress the need to centralize cybersecurity of the private sector.
"People say this is a military or intelligence concern," says Rockefeller, "but it is a lot more than that. It suddenly gets into the realm of traffic lights and rail networks and water and electricity."
Snowe added, "America's vulnerability to massive cyber-crime, global cyber-espionage and cyber-attacks has emerged as one of the most urgent national security problems facing our country today.
Critics worry about the broad language.
Organizations like the Center for Democracy and Technology fear if passed in its current form, the proposal leaves too much discretion of just what defines critical infrastructure.
In some respects, it could be like the government using "terrorism" to increase executive power and Congress to change laws.
The bill would also impose mandates for designated private networks and systems, including standardized security software, testing, licensing and certification of cyber-security professionals.
"I'd be very surprised if it doesn't include communications systems, which are certainly critical infrastructure," CDT General Counsel Greg Nojeim told eWEEK.
"The president would decide not only what is critical infrastructure but also what is an emergency."
Adds Jennifer Granick, civil liberties director of the Electronic Frontier Foundation said. "Essentially, the Act would federalize critical infrastructure security. Since many systems (banks, telecommunications, energy)are in the hands of the private sector, the bill would create a major shift of power away from users and companies to the federal government."
The bill has been moving ahead, while you were sleeping.