The Cybersecurity Act

There is an interesting piece of legislation that is presently being debated in the Senate Committee for Commerce, Science, and Transportation. Written by John Rockefeller(D-WV), Bill Nelson(D-FL)and Olympia Snowe(R-NE), Senate Bill 773 has some chilling  Orwellian possibilities. Anyone even remotely connected with the computer industry needs to read this bill. It  can be found in it’s entirety at: http://www.govtrack.us/ For those of you unwilling to read through pages of abstruse legalese, let me present some of the more curious sections.

Just so we know exactly who or what this bill refers to:

SEC. 23. DEFINITIONS.

In this Act:

(2) CYBER- The term ‘cyber’ means--

(A) any process, program, or protocol relating to the use of the Internet or an intranet, automatic data processing or transmission, or telecommunication via the Internet or an intranet; and

(B) any matter relating to, or involving the use of, computers or computer networks.

(3) FEDERAL GOVERNMENT AND UNITED STATES CRITICAL INFRASTRUCTURE INFORMATION SYSTEMS AND NETWORKS- The term ‘Federal Government and United States critical infrastructure information systems and networks’ includes--

(A) Federal Government information systems and networks; and

(B) State, local, and nongovernmental information systems and networks in the United States designated by the President as critical infrastructure information systems and networks.

SEC. 14. PUBLIC-PRIVATE CLEARINGHOUSE.

(a) DESIGNATION- The Department of Commerce shall serve as the clearinghouse of cybersecurity threat and vulnerability information to Federal Government and private sector owned critical infrastructure information systems and networks.

(b) FUNCTIONS- The Secretary of Commerce--

(1) shall have access to all relevant data concerning such networks without regard to any provision of law, regulation, rule, or policy restricting such access;

You can probably read as well as me. This can and will cover all computer networks, giving our government some pretty awesome “big brother” power. Let’s read some more.

SEC. 7. LICENSING AND CERTIFICATION OF CYBERSECURITY PROFESSIONALS.

(b) MANDATORY LICENSING- Beginning 3 years after the date of enactment of this Act, it shall be unlawful for any individual to engage in business in the United States, or to be employed in the United States, as a provider of cybersecurity services to any Federal agency or an information system or network designated by the President, or the President’s designee, as a critical infrastructure information system or network, who is not licensed and certified under the program.

What constitutes a “critical infrastructure system or network”? Am I going to have to have a license to work for Google?

Now here’s the chilling part:

SEC. 18. CYBERSECURITY RESPONSIBILITIES AND AUTHORITY.

The President--

(2) may declare a cybersecurity emergency and order the limitation or shutdown of Internet traffic to and from any compromised Federal Government or United States critical infrastructure information system or network;

(6) may order the disconnection of any Federal Government or United States critical infrastructure information systems or networks in the interest of national security;

Why do I see a Skynet scenario in the future? If you wish the internet to remain as it is, I urge you to write, call, or e-mail one of  fourteen senators that are on this committee and urge them to rewrite the bill.

    Chairman John Rockefeller(D-WV)
    Mark Begich(D-AK)
    Barbara Boxer(D-CA)
    Maria Cantwell(D-WA)
    Byron Dorgan(D-ND)
    Daniel Inouye(D-HI)
    John Kerry(D-MA)
    Amy Klobuchar(D-MN)
    Frank Lautenberg(D-NJ)
    Claire McCaskill(D-MO)
    Bill Nelson(D-FL)
    Mark Pryor(D-AR)
    Tom Udall(D-NM)
    Mark Warner(D-WA)