Egypt And The Internet Kill Switch
Egyptian President Hosni Mubarak responded to mass unrest by cutting off his people from the outside world. Do we really want an American President to have the same power?
News developments often lead to some rather ironic coincidences, such as this past week. On Friday, the crisis in Egypt seemed to finally come to the attention of the West when the Egyptian government decided to completely cut off the nation’s connections to the internet. Only a few days earlier, Cnet’s Declan McCullough noted that Congress was once again considering legislation that would give the President the authority to do much the same thing in a “national emergency”:
A controversial bill handing President Obama power over privately owned computer systems during a “national cyberemergency,” and prohibiting any review by the court system, will return this year.
Internet companies should not be alarmed by the legislation, first introduced last summer by Sens. Joseph Lieberman (I-Conn.) and Susan Collins (R-Maine), a Senate aide said last week. Lieberman, an independent who caucuses with Democrats, is chairman of the Senate Homeland Security and Governmental Affairs Committee.
“We’re not trying to mandate any requirements for the entire Internet, the entire Internet backbone,” said Brandon Milhorn, Republican staff director and counsel for the committee.
Instead, Milhorn said at a conference in Washington, D.C., the point of the proposal is to assert governmental control only over those “crucial components that form our nation’s critical infrastructure.”
In other words, we’re from the government, trust us.
As always, the devil is in the details:
The revised Lieberman-Collins bill, dubbed the Protecting Cyberspace as a National Asset Act, works this way: Homeland Security will “establish and maintain a list of systems or assets that constitute covered critical infrastructure” and that will be subject to emergency decrees. (The term “kill switch” does not appear in the legislation.)
Under the revised legislation, the definition of critical infrastructure has been tightened. DHS is only supposed to place a computer system (including a server, Web site, router, and so on) on the list if it meets three requirements. First, the disruption of the system could cause “severe economic consequences” or worse. Second, that the system “is a component of the national information infrastructure.” Third, that the “national information infrastructure is essential to the reliable operation of the system.”
So, in some ways, the new bill is better than what was before Congress last years, but in other ways its much, much worse. As noted above, the new version of the bill provides that the DHS’s determination of “critical infrastructure” is not subject to any form of judicial review, and, of course, neither would the President’s determination of a crisis sufficient to activate the kill switch:
Last month’s rewrite that bans courts from reviewing executive branch decrees has given companies new reason to worry. “Judicial review is our main concern,” said Steve DelBianco, director of the NetChoice coalition, which includes eBay, Oracle, Verisign, and Yahoo as members. “A designation of critical information infrastructure brings with it huge obligations for upgrades and compliance.”
In some cases, DelBianco said, a company may have a “good-faith disagreement” with the government’s ruling and would want to seek court review. “The country we’re seeking to protect is a country that respects the right of any individual to have their day in court,” he said. “Yet this bill would deny that day in court to the owner of infrastructure.”
(…)
“No amount of tightening of what constitutes ‘critical infrastructure’ will prevent abuse without meaningful judicial review,” says Berin Szoka, an analyst at the free-market TechFreedom think tank and editor of The Next Digital Decade book. “Blocking judicial review of this key question essentially says that the rule of law goes out the window if and when a major crisis occurs.”
Of course, that’s pretty much always the case in a crisis isn’t it? Which is exactly why we need to step back and think about whether its really a good idea to be giving this kind of unchecked power to a President. Not just this President, or the last one, but any President. The most important thing to remember about grants of power like this is that they almost never get revoked, and the typically get expanded on over time. They are, as Bruce McQuain notes, just the beginning:
The proverbial camel’s nose under the tent that is not subject to judicial review. Let me stress that for the third time – none of this, if passed into law, is reviewable by the judiciary. And, of course, once passed, they won’t decide other parts of the infrastructure belong on there, will they? Oh, no.
As Berin Szoka of TechFreedom says, “blocking judicial review of this … essentially says that the rule of law goes out the window if a major crisis occurs.”
Well, yeah … and guess who gets to decide what is a “major crisis”? Without judicial review.
Hosni Mubarak’s decision to cut off the Internet may have done us a huge favor in some respects by bringing this issue to the forefront. Do we really want our President to have the power to do something that dictators do when faced with citizen unrest?
I don’t.
Graphic via Hit & Run
To a large extent, our government developed the Internet. It giveth and now wants to taketh away.
It is a shame you have to even ask this question.
When Egypt cut the switch to the Internet, I realized that Gil Scott-Heron was right. The revolution will not be televised.
I’m trying to imagine how cutting off any communications network in a time of crisis is a good thing.
> Do we really want our President to have the power to do something that dictators do when faced with citizen unrest?
No.
I trust no one person to have that power…
So, you guys have had this discussion without mentioning cyber warfare?
Way to miss the problem. While giving the government a switch might be dangerous, so is not having one.
Now, if someone can convince me that our information systems are so strong that we are invulnerable to cyber attack, that would simplify the discussion.
(Look at the history of the bill. It is about cyber security, safety from attack.)
The thing is that an Internet kill switch isn’t a smart way to handle cyber warfare either.
Certain pieces of critical infrastructure like water, power and maybe some parts of transportation should be able to disconnect themselves from the Internet as a measure of last resort but shutting down the entire network? That’s like wiring up the interstate freeway system to explode “just in case.”
John Personna : I find it funny you mention cyber warfare but you don’t seem to think at all about the fact that a kill switch would be a conveniently located target for hackers/crackers and countries that hate us. Flip that switch and basically your daily life is destroyed and our financial institutions would grind to a screeching halt. Our life requires us to interact daily with online connected machines and every one of those machines would either no longer work or be severely limited in functionality. Hell there are things you interact with daily that you don’t even realize connects online..
Seriously why bother with attacking 100 something sites when you can destroy millions by hitting one target.. The people involved with this bill are NOT thinking clearly and if this bill is allowed to pass our mistake will be quickly realized and I hope it doesn’t result in a total meltdown of what is left of our economy..