by Declan McCullagh: Amazon
Fights Demand for CustomerRecords
A new U.S.
Senate bill would grant the president far-reaching emergency powers
to seize control of or even shut down portions of the Internet.
announced Thursday says that companies such as broadband providers,
search engines, or software firms that the government selects "shall
immediately comply with any emergency measure or action developed"
by the Department of Homeland Security. Anyone failing to comply
would be fined.
authority would allow the federal government to "preserve those
networks and assets and our country and protect our people,"
Joe Lieberman, the primary sponsor of the measure and the chairman
of the Homeland Security committee, told reporters on Thursday.
Lieberman is an independent senator from Connecticut who caucuses
with the Democrats.
are few limits on the president’s emergency power, which can be
renewed indefinitely, the densely worded 197-page bill (PDF)
is likely to encounter stiff opposition.
probably the largest U.S. technology lobby group, said it was concerned
about "unintended consequences that would result from the legislation’s
regulatory approach" and "the potential for absolute power."
And the Center for Democracy and Technology publicly worried that
the Lieberman bill’s emergency powers "include authority to
shut down or limit Internet traffic on private systems."
The idea of
an Internet "kill switch" that the president could flip
is not new. A draft Senate proposal that CNET obtained
in August allowed the White House to "declare a cybersecurity
emergency," and another
from Sens. Jay Rockefeller (D-W.V.) and Olympia Snowe (R-Maine)
would have explicitly given the government the power to "order
the disconnection" of certain networks or Web sites.
both senators lauded Lieberman’s bill, which is formally titled
the Protecting Cyberspace as a National Asset Act, or PCNAA. Rockefeller
said "I commend" the drafters of the PCNAA. Collins went
further, signing up at a co-sponsor and saying at a press conference
that "we cannot afford to wait for a cyber 9/11 before our
government realizes the importance of protecting our cyber resources."
the federal government’s power to force private companies to comply
with emergency decrees would become unusually broad. Any company
on a list created by Homeland Security that also "relies on"
the Internet, the telephone system, or any other component of the
U.S. "information infrastructure" would be subject to
command by a new National Center for Cybersecurity and Communications
(NCCC) that would be created inside Homeland Security.
The only obvious
limitation on the NCCC’s emergency power is one paragraph in the
Lieberman bill that appears to have grown out of the Bush-era flap
over warrantless wiretapping. That limitation says that the NCCC
cannot order broadband providers or other companies to "conduct
surveillance" of Americans unless it’s otherwise legally authorized.
Thursday that enactment of his bill needed to be a top congressional
priority. "For all of its ‘user-friendly’ allure, the Internet
can also be a dangerous place with electronic pipelines that run
directly into everything from our personal bank accounts to key
infrastructure to government and industrial secrets," he said.
"Our economic security, national security and public safety
are now all at risk from new kinds of enemies – cyber-warriors, cyber-spies,
cyber-terrorists and cyber-criminals."
A new cybersecurity
proposal would form a powerful and extensive new Homeland Security
bureaucracy around the NCCC, including "no less" than
two deputy directors, and liaison officers to the Defense Department,
Justice Department, Commerce Department, and the Director of National
Intelligence. (How much the NCCC director’s duties would overlap
with those of the existing assistant secretary for infrastructure
protection is not clear.)