By Calvin Biesecker
Three senators last week introduced updated legislation that would prohibit the president or any employee of the federal government from shutting down the Internet, moving to untangle concerns that a previous version of the bill introduced last June gave the president authority for an Internet “kill switch.”
“We want to clear the air once and for all,” Sen. Joseph Lieberman (I/D-Conn.), chairman of the Senate Homeland Security and Governmental Affairs Committee, said in a statement last Thursday evening. “As someone said recently, the term ‘kill switch’ has become the ‘death panels’ of the cyber security debate. There is no so called ‘kill switch’ in our legislation because the very notion is antithetical to our goal of providing precise and targeted authorities to the president.”
The new legislation, called the Cybersecurity and Internet Freedom Act of 2011, says that “neither the President, the Director of the National Center for Cybersecurity and Communications, nor any other officer or employee of the Federal Government should have the authority to shut down the Internet.”
The earlier version of the legislation, Protecting Cyberspace as a National Asset Act of 2010, in part would have updated pre-World War II telecommunications legislation to give the president the authority to act to a cyber event just as if a threat of war or state of war existed (Defense Daily, June 16, 2010).
Sen. Susan Collins (R-Maine), the ranking member on the Homeland Security panel and a co-sponsor of the cyber bills introduced last week and last summer, said last June that the Protecting Cyberspace legislation didn’t authorize the president to take over networks.
Section 249 of the new bill authorizes the president to issue a declaration of a “national cyber emergency” and specify what critical infrastructure is covered under the emergency. It also requires the president to direct the owners of the covered critical infrastructure to implement requisite response plans to a cyber emergency.
The bill introduced last week also requires judicial review of what is considered critical infrastructure.
As with the 2010 legislation, the Cybersecurity and Internet Freedom Act of 2011 creates a new Office of Cyberspace Policy in the White House and a new National Center for Cybersecurity and Communication (NCCC) at DHS. Both positions would require Senate confirmation.
The White House cyber policy director would oversee and coordinate federal efforts related to the security and resiliency of cyberspace and would also be responsible for developing and updating the national strategy for the security and resiliency of cyberspace.
The NCCC director would be the principal adviser within DHS on cyber security.