A U.S. Senate committee has approved a wide-ranging cyber security bill that some critics have suggested would give the U.S. president the authority to shut down parts of the Internet during a cyber attack.
Sen. Joe Lieberman (I-Conn.) and other bill sponsors have refuted the charges that the Protecting Cyberspace as a National Asset Act gives the president an Internet "kill switch." Instead, the bill puts limits on the powers the president already has to cause "the closing of any facility or stations for wire communication" in a time of war, as described in the Communications Act of 1934, they said in a breakdown of the bill published on the Senate Homeland Security and Governmental Affairs Committee Web site.
[ See why InfoWorld's Bill Snyder argues that the Internet "kill switch" is a bad idea. | Master your security with InfoWorld's interactive Security iGuide. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]
The committee unanimously approved an amended version of the legislation by voice vote Thursday, a committee spokeswoman said. The bill next moves to the Senate floor for a vote, which has not yet been scheduled.
The bill, introduced earlier this month, would establish a White House Office for Cyberspace Policy and a National Center for Cybersecurity and Communications, which would work with private U.S. companies to create cyber security requirements for the electrical grid, telecommunications networks, and other critical infrastructure.
The bill also would allow the U.S. president to take emergency actions to protect critical parts of the Internet, including ordering owners of critical infrastructure to implement emergency response plans, during a cyber emergency. The president would need congressional approval to extend a national cyber emergency beyond 120 days under an amendment to the legislation approved by the committee.
The legislation would give the U.S. Department of Homeland Security authority that it does not now have to respond to cyber attacks, Lieberman said earlier this month. "Our responsibility for cyberdefense goes well beyond the public sector because so much of cyberspace is owned and operated by the private sector," he said. "The Department of Homeland Security has actually shown that vulnerabilities in key private sector networks like utilities and communications could bring our economy down for a period of time if attacked or commandeered by a foreign power or cyber terrorists."
Other sponsors of the bill are Senators Susan Collins (R-Maine) and Tom Carper (D-Del.).
One critic said Thursday that the bill will hurt the nation's security, not help it. Security products operate in a competitive market that works best without heavy government intervention, said Wayne Crews, vice president for policy and director of technology studies at the Competitive Enterprise Institute, an antiregulation think tank.
"Policymakers should reject such proposals to centralize cyber security risk management," Crews said. "The Internet that will evolve if government can resort to a 'kill switch' will be vastly different from, and inferior to, the safer one that will emerge otherwise."
