April 23, 2009

Watch out for the feds' proposed cybersecurity 'fix'

A proposed antiterrorist law could create a government-sanctioned back door into your network

Here's a security nightmare that's probably kept you up at night: A departing employee builds a back door into the network and uses it to steal proprietary information or even shut it down for kicks or for revenge. That's bad enough, but suppose such a back door existed because the government made IT create it.

Sound far-fetched? It's not. The proposed Cybersecurity Act of 2009 would give the White House and the Department of Commerce the power to shut down Internet traffic, disconnect critical infrastructure systems, and have access to network infrastructure data when needed on national security grounds. What's more, the act would open the door (the front door, in this case) to unprecedented violations of electronic privacy and give the government the power to license security professionals -- and blacklist the unlicensed.


Here's a direct quote from the bill, which was introduced by two usually level-headed senators, Olympia Snowe (R-Maine) and Jay Rockefeller (D-W. Va.): "The Secretary of Commerce shall have access to all relevant data concerning (critical infrastructure) networks without regard to any provision of law, regulation, rule, or policy restricting such access."

Yikes! Think about that. With a stroke of the pen, any guarantees of privacy under laws like the Electronic Communications Privacy Act, the Privacy Protection Act, and others would be suspended.

The back door Congress may put on your network
The enormous threat to privacy contained in that section is frightening and rather obvious. Jennifer Granick, the civil liberties director for the Electronic Frontier Foundation, looked closely at the 22-page bill and saw even more. She wrote, "Even worse, it isn't clear whether this provision would require systems to be designed to enable access, essentially a back door for the Secretary of Commerce that would also establish a primrose path for any bad guy to merrily skip down as well. If the drafters meant to create a clearinghouse for system vulnerability information along the lines of a US CERT mailing list, that could be useful, but that's not what the bill's current language does."

Just to be clear, the language Granick refers to is the bit that I quoted above, particularly the word "access." Access to relevant data concerning networks -- how would you get that in a hurry? Hmm.

Phansigar 23-Apr-09 6:28am
Bush-regime security paranoia is obviously still alive and well. I agree that the proposed bill is a horror, but then so is almost every bill Congress enacts that deals with cyberspace, the DMCA being the most obvious example. The sensible ones never make it out of committee. Maybe the power grid has been hacked, maybe not, but it's mostly irrelevant. The grid is almost trivially easy to bring down, thanks to outdated, inadequate technology, poor training, and poor communication. For a real-life example see http://www.sciam.com/article.cfm?id=preventing-blackouts-power-grid. The "smart grid" in the article is still a dream, the smarts some power companies are advertising are almost exclusively to facilitate billing (of course!), and precious few are even installed. Preserving the security of traffic lights puzzles you? Imagine what would happen if all lights, in every direction, turned green at once. Or if a criminal or terrorist could selectively control lights in order to make escape easy and ground pursuit or emergency services more difficult. Far fetched? Maybe, but not impossible.
hellums 24-Apr-09 6:06am
I don't think the nightmare is 1/10th or 1/100th as bad as your article suggests. The government is not seeking back doors into our network or access to our data. As a bureaucracy, they learned from 9/11 that "stovepipes" and "rice bowls" at the national level circumvent national security and put everyone at risk. When there's a network attacking critical infrastructure in this nation, I absolutely want SOMEONE out there that can detach it (the attacker or the system being attacked), ASAP. I see no "unprecedented violation" of privacy there. They want certain individuals in Government to be able to have access to information ABOUT critical infrastructure networks, without some agency playing games about "their" stuff. This is why the FBI didn't talk to the CIA, and thousands of people died needlessly as a result, not to mention the impacts on peace on earth and the US and world economy. They aren't suspending those laws--they're saying that national security interests supersede them, with respect to certain types of information. I want a government with some teeth, not just a lot of bark. Requiring certain levels of certification buys peace of mind. Personally, I don't want some subcontractor to the DoD, DoJ, or DoE hiring some foreign national to work on critical infrastructure systems, any more than I want a public company training suspicious looking/acting Islamic militants how to fly planes. Should the market be allowed to hire the cheapest worker, regardless of security implications on national security? Absolutely not. They are free to work on the critical infrastructure of one of the many member countries of the United Nations, but they have no God-given right to work for the government of the United States, in any capacity, just because some company wants to hire them. It has already been proven that our critical infrastructure, including power grids, has been probed by other nations and groups.
Any country NOT doing that to us would be foolish and inept. Any country NOT defending themselves against that are equally foolish and inept. If our government doesn't do something to defend us against that, who will? Private industry? Absolutely not. Private industry is interested in one thing: profit. I want someone to protect me, while private industry is protecting their wallets. In order for that to happen, I have to put SOME faith in my government, rather than assuming that everything is a lie, conspiracy, sham, plot, coverup, or bridge to nowhere.
DL 24-Apr-09 6:34am
This bill is more about government control than what a Bush-hater might characterize as "Bush-regime security paranoia." ISP network back-doors were enabled during the Clinton administration purportedly for law-enforcement purposes. They have been used since their inception for electronic eaves-dropping and evidence gathering. Visit the ACLU web site if you have any doubts. The sponsors of this bill are two very liberal Senators who only months ago were criticizing the Justice Department for supposedly using warrant-less wire taps. The language in this bill would effectively eliminate the requirement of a warrant or any other potential oversight. It is obvious now that their concern for the public's right to privacy was nothing more than political posturing. The types of controls that would be enabled by this bill are present in every socialist state in Asia and Europe as well as other well-known dictatorships, kingdoms and theocracies throughout the world. Is this really the kind of change that Obama believes in?
gunner@gulftel.com 25-Apr-09 11:05am
While Obama may or may not agree with the bill, the fact that it was written by both a Republican and a Democrat show me that he probably had nothing to do with its birth. That said, it __APPEARS__ to me that this bill relates ONLY to such critical networks as electric grid, hospital interconnects, and such. NOT the network of Wal-Mart or Microsoft or your local car dealership. STILL, I think it allows for too much control with too little accountability and/or oversight. Just how many times has the Dept. of Homeland Security cried "wolf" without sufficient evidence? And yet, that's all it would take to use this bill as defense of their actions.
dmclean 27-Apr-09 2:08pm
I think we can all take a deep breath on this one. At 56 pages and 23 separate sections, I don't think there's much chance this one makes it out of committee in its current form, let alone gets a floor vote given the other business before Congress. There are a few core issues as I see it. First, this bill is being proposed by the Senate committee that has oversight responsibility for the Commerce department. As such it proposes giving to Commerce a number of charters currently held by other government agencies; most notably the Department of Homeland Security. These agencies (and their own congressional sponsors) won't allow that much authority to be transitioned to Commerce without a fight...the kind of fight that can quickly kill a bill as complicated as this one. Second, it would appear to me that the bill's sponsors have bitten off far more than they can chew in a single congressional session. The issues addressed are numerous and complex and many have no known solutions. This is not the kind of scenario that typically leads to quick or good legislation. Finally, I don't think Section 18, which is the one that would allow the President or surrogate (read Cyberczar) to disconnect a portion of the Internet under attack, is deployable in practice. The authors of Section 18 seem to believe that there are large chunks of Internet traffic that run on physically private networks that connect to the public Internet at a limited number of points. This is, of course, not the way the overwhelming majority of 'net traffic travels. In the limited number of cases where data is secured in transit, it's nearly always on Virtual Private Networks (VPN) that use exactly the same transmission lines, routers, and wireless connections as all other Internet traffic.
So, assuming a national Cybersecurity Czar determined that the nation's financial system or power grid were under focused attack, just what would he or she order shut down in order to quarantine that piece of the nation's information infrastructure? It's not like you can throw a switch or two and suddenly take a portion of the economy offline. I think the issue this provision raises is worthy of debate; just what measures is the government entitled to take if a portion of the nation's Internet infrastructure becomes SO impaired that it endangers other portions? I doubt the best answer is "nothing", but the language in this bill probably isn't the answer either.


©1994-2010 Infoworld, Inc.