Senators re-introduce cybersecurity bill, with key difference

Perhaps bowing to pressure over the use of a “kill switch” in Egypt to shut down the internet, the US senators explicitly prohibit the president or any other US official from having the authority to shut down the internet in their legislation.

The bill introduced in the last Congress by these same senators contained a provision that would have given the president the authority to take “emergency measures” in the event that critical infrastructure networks were being exploited or attacked. That bill failed to pass the Senate.

The “emergency measure” provision was criticized in light of the Egyptian government’s shutting down the internet in response to demonstrations earlier this month. The senators issued a statement defending their legislation. “We would never sign on to legislation that authorized the President, or anyone else, to shut down the Internet. Emergency or no, the exercise of such broad authority would be an affront to our Constitution”, the statement said.

To emphasize this point, the new legislation explicitly prohibits this action on the part of the president or other government official. At the same time, the bill would give the president authority to declare a “cyberemergency” and take actions to thwart a cyberattack.

Like its predecessor, this bill, the Cybersecurity and Internet Freedom Act (S. 413), would establish a National Center for Cybersecurity and Communications in the Deparment of Homeland Security responsible for coordinating the cyberdefense efforts currently being carried out separately by public and private sector organizations. According to a statement by Collins in introducing the bill, the center would “close the coordination gaps that currently exist in our disjointed federal cyber security effort.”

In addition, the bill would set up an Office of Cybersecurity Policy in the White House that would be run by a Senate-confirmed director. “The director would lead and harmonize federal efforts to secure cyberspace and would develop a strategy that incorporates all elements of cyber security policy. The director would oversee all federal activities related to the strategy to ensure efficiency and coordination. The director would report regularly to Congress to ensure transparency and oversight”, according to Collins.

Privacy advocates are still concerned about the power given to the president in the bill. "It still gives the president incredible authority to interfere with Internet communications", ACLU legislative counsel Michelle Richardson was quoted by CNET as saying.

What’s hot on Infosecurity Magazine?