Published August 28, 2009
A Senate bill would offer President Obama emergency control of the Internet and may give him a "kill switch" to shut down online traffic by seizing private networks -- a move cybersecurity experts worry will choke off industry and civil liberties.
Details of a revamped version of the Cybersecurity Act of 2009 emerged late Thursday, months after an initial version authored by Sen. Jay Rockefeller, D-W.V., was blasted in Silicon Valley as dangerous government intrusion.
"In the original bill they empowered the president to essentially turn off the Internet in the case of a 'cyber-emergency,' which they didn't define," said Larry Clinton, president of the Internet Security Alliance, which represents the telecommunications industry.
"We think it's a very bad idea ... to put in legislation," he told FOXNews.com.
Clinton said the new version of the bill that surfaced this week is improved from its first draft, but troubling language that was removed was replaced by vague language that could still offer the same powers to the president in case of an emergency.
"The current language is so unclear that we can't be confident that the changes have actually been made," he said.
The new legislation allows the president to "declare a cybersecurity emergency" relating to "non-governmental" computer networks and make a plan to respond to the danger, according to an excerpt published online -- a broad license that rights experts worry would give the president "amorphous powers" over private users.
"As soon as you're saying that the federal government is going to be exercising this kind of power over private networks, it's going to be a really big issue," Lee Tien, a senior staff attorney with the Electronic Frontier Foundation, told CNET News.
A Senate source familiar with the bill likened the new power to take control of portions of the Internet to what President Bush did when he grounded all aircraft on Sept. 11, 2001, CNET News reported.
Spokesmen for Senator Rockefeller and the Commerce Committee did not return calls seeking comment before this article was published.
But Rockefeller, who introduced the bill in April with bipartisan support, said the legislation was critical to protecting everything from water and electricity to banking, traffic lights and electronic health records.
"I know the threats we face," Rockefeller said in a prepared statement when the legislation was introduced. "Our enemies are real. They are sophisticated, they are determined and they will not rest."
The bill would also let the government create a detailed set of standards for licensing "cybersecurity professionals" who would oversee a single standard for security measures.
But many in the technology sector believe it's a job the government is ill-equipped to handle, said Franck Journoud, a policy analyst with the Business Software Alliance.
"Simply put, who has the expertise?" he told FOXNews.com in April. "It's the industry, not the government. We have a responsibility to increase and improve security. That responsibility cannot be captured in a government standard."
Clinton, of the Internet Security Alliance, praised President Obama's May science policy review, which he said would take cybersecurity in the right direction by promoting incentives to get the private industry to improve its own security measures.
But he faulted the Senate bill, which he said would centralize regulations for an industry that is too varied to fall under the control of a single set of rules without endangering the economy and security.
"We think a lot of things need to be done to enhance cybersecurity," he told FOXNews.com, but this bill is "not something that we could support."