Imagine it's 1953 and a steel strike threatens to shut down defense plants crucial to President Truman's prosecution of the Korean War. Faced with a national emergency, Truman seizes the steel plants, claiming an inherent power to act. The Supreme Court disagrees, limiting the President's power to seize private property absent a constitutional or statutory mandate to do so. Now fast forward to earlier this week when two Senators introduced a bill that "Give 'em Hell Harry" would love; a bill that gives the President the power to seize and shut down the Internet or any other "critical infrastructure " in the "interest of national security."
Read that last sentence again; no imaging here. The bill is real and now pending before the United States Senate.
The bill, dubbed the "Cyber security Bill of 2009," sponsored by Sens. Jay Rockefeller and Olympia Snowe, is the opening salvo in what promises to be a pitched battle about how to best protect the nation's critical infrastructure -- including its privately held communications and information networks -- from increasing threats in a way that does not undermine privacy and civil liberties.
Rockefeller and Snowe do not tread lightly into the fray. Instead, they propose a sweeping federal take over of all cyber security efforts that gives the President plenary power over the Internet and other as yet to be identified "critical infrastructure." In addition to the power to seize and shut down the Internet in the U.S., the President is given the power "in an emergency" to limit Internet traffic to any "critical infrastructure information system," and puts the Commerce Department at the helm of a federal cyber security clearinghouse with the express power to override all laws and regulations, including those designed to protect privacy, to "obtain access to all relevant data" concerning critical infrastructure information systems and networks owned by the private sector. And for those of you with free time and a stiff drink, there is much, much, more.
It's clear our national cyber security efforts can't -- and shouldn't -- be left to idle. The cyber-threat is real and growing. The New York Times recently wrote of the discovery of a whispery international spying operation that had compromised government computers in 103 countries. And no one is exactly sure who is behind this "ghostnet." But it's real, it's dangerous and such efforts will only grow in sophistication and intrigue.
So, we have to protect our house and we must craft a policy able to deal with an "electronic Pearl Harbor," but it also has to be done smart, in the sunlight and with much forethought. For the past eight years we have known almost nothing about what the government is doing with respect to cyber security. There are hopeful signs that is about to change. A 60-day review of the nation's cyber security efforts, ordered by President Obama, is due out sometime next week.
The team preparing the 60-day report solicited the views of all comers, from privacy advocates to industry to academics. We don't know whether we will like the outcome but it has been a thoughtful and inclusive process. And now, just days before the report is due, the Rockefeller-Snowe bill is lobbed on to the White House lawn. There are some sensible provisions in this bill, and some hard questions that have to be resolved, but it's hard to focus on them when the rest of the bill turns the Internet into a big, brass ring and the President is only one riding the Merry-Go-Round.