So it’s not surprising that Congress has worked hard on a worst-case scenario and what would need to be done. The surprise is that a newly revised bill appears to permit the president to seize temporary control of private-sector networks during a so-called cybersecurity emergency, according to CNET.
The bill, worked on by Sen. Jay Rockefeller, a West Virginia Democrat, says that the President “in the event of an immediate threat to strategic national interests involving compromised Federal Government or United States critical infrastrucure information system or network – may declare a cybersecurity emergency; and may, if the President finds it necessary for the national defense and security, and in coordination with relevant industry sectors, direct the national response to the cyber threat and the timely restoration of the affected critical infrastructure information system or network.”
“I think the redraft, while improved, remains troubling due to its vagueness,” Larry Clinton, president of the Internet Security Alliance, told CNET. “It is unclear what authority Sen. Rockefeller thinks is necessary over the private sector. Unless this is clarified, we cannot properly analyze, let alone support the bill.”
On it’s face, the bill doesn’t seem that scary. But as in all things government, it’s not what you see, it’s what you don’t. What role does the government have when it comes to private networks? How will these powers when implemented by bureaucrats be used? I don’t think anything particularly nefarious is going on, but shouldn’t we act like it just in case?