Sign up to our newsletter
The latest security news direct to your inbox
After posting the article regarding this new legislature I continued my research into the objections which have been raised by many cyber activists. Some of the concern is about ‘Net Neutrality’ and the potential for abuse of power. Let’s look first at the issue of content-neutral or client-neutral packet routing.
Terry Zink, one of Microsoft’s finest, blogs about the nuances of how ISPs can mess with routing Internet traffic:
One of President Obama’s campaign promises was on Net Neutrality. This might explain why the FCC went after Comcast recently – and lost. Fred von Lohmann, Electronic Frontier Foundation senior staff attorney and all-around cyberlaw heavy hitter, has this to say in his analysis of this week’s Net Neutrality based FCC claim:
The way I read von Lohmann’s brief was that FCC stepped up to the plate about net neutrality, however they were doing the high wire without a net.
This blogpost from thehill.com offers clarity:
Part of the problem derives from the freedom the Internet (and its commercial providers the ISPs) currently has from any government agency having jurisdiction on the packet routing priorities. That solution itself however may provide more problems in the future. Growing up in Berkeley as well as hundreds of hours of flying around combat zones having to enforce outcomes of political decision provided me with plenty of observation of well-meaning policies getting tricky in the follow-through. For the best view on both positions, Terry Zink over at MSFT has a great pro/con breakdown.
Here’s a little remembered civics fact: most laws don’t evolve without public demand or policy gaps. In short, outside threats or internal fraud usually determines public involvement. In this instance, Senate Bill 773 mentions several key objectives which have been overshadowed by the Net Neutrality discussion with bipartisan support.
Declan McCullaugh, a CBS staffer, blogged this follow-up from the government in his CNET article about 773:
- The president of the United States has always had the constitutional authority, and duty, to protect the American people and direct the national response to any emergency that threatens the security and safety of the United States.
- The Rockefeller-Snowe Cybersecurity bill makes it clear that the president's authority includes securing our national cyber infrastructure from attack.
- The section of the bill that addresses this issue, applies specifically to the national response to a severe attack or natural disaster.
- This particular legislative language is based on longstanding statutory authorities for wartime use of communications networks.
- To be very clear, the Rockefeller-Snowe bill will not empower a "government shutdown or takeover of the Internet" and any suggestion otherwise is misleading and false.
- The purpose of this language is to clarify how the president directs the public-private response to a crisis, secure our economy and safeguard our financial networks, protect the American people, their privacy and civil liberties, and coordinate the government's response.
Occam’s Razor shows us that if any legislature is not focused, simple, and within the Constitution’s charter for the Executive Branch, it doesn’t go far. Nobody in Congress wants to give the E-branch too much power because every four years, that power can be used against them.
One question remains: if this bill empowers the E-branch during times of war, what does a Cyberwar look like? There’s no question that some of the Bill’s provisions speed up a response, but what exactly defines cyberwarfare? In From Megatons to Megapings, we look at both sides.
Contributing Writer, Securing Our eCity
Author ESET Research, ESET