Sponsored By

hitest

Microsoft And Yahoo: Search Partners

Recommended Posts

Two thoughts on that: Apparently no one's willing to take on the job of Security Czar, and I don't have a problem with the government having the capability of seizing control of the Internet during emergencies (just as they seize control of streets, airports, etc., during emergencies).

Share this post


Link to post
Share on other sites
Two thoughts on that: Apparently no one's willing to take on the job of Security Czar, and I don't have a problem with the government having the capability of seizing control of the Internet during emergencies (just as they seize control of streets, airports, etc., during emergencies).

The government owns the streets and airports.

The original bill was horrible. It gave the President complete discretion to decide what networks were 'critical infrastructure' and what events were 'cybersecurity emergencies'. As far as I can recall, there was no oversight at all. I'm not sure the President was even required to inform Congress about their decisions.

That alone would have been bad. What made it horrible was section 14(a)(1): "The Secretary of Commerce [...] shall have access to all relevant data concerning [critical infrastructure networks] without regard to any provision of law, regulation, rule, or policy restricting such access". Consider the implications.

The language in the latest draft seems to be softer than in the original but the excerpt linked from the article doesn't include the sections that had the worst bits in the original, so who knows.

Share this post


Link to post
Share on other sites
Two thoughts on that: Apparently no one's willing to take on the job of Security Czar, and I don't have a problem with the government having the capability of seizing control of the Internet during emergencies (just as they seize control of streets, airports, etc., during emergencies).

The government owns the streets and airports.

The original bill was horrible. It gave the President complete discretion to decide what networks were 'critical infrastructure' and what events were 'cybersecurity emergencies'. As far as I can recall, there was no oversight at all. I'm not sure the President was even required to inform Congress about their decisions.

That alone would have been bad. What made it horrible was section 14(a)(1): "The Secretary of Commerce [...] shall have access to all relevant data concerning [critical infrastructure networks] without regard to any provision of law, regulation, rule, or policy restricting such access". Consider the implications.

The language in the latest draft seems to be softer than in the original but the excerpt linked from the article doesn't include the sections that had the worst bits in the original, so who knows.

Hmm, if Bill Clinton were still president do you think he would decide that Porn sites are critical infrastructure? Or just specific types of porn?

I think that this

"The Secretary of Commerce [...] shall have access to all relevant data concerning [critical infrastructure networks] without regard to any provision of law, regulation, rule, or policy restricting such access"

Is more meant to insure an unrestricted access rather than having congress determine that a no government employee should have access to a specific type of site, and thus block the Secretary from getting data which might alter his decision as to which networks are deserving of or in need of protection.

Share this post


Link to post
Share on other sites
Hmm, if Bill Clinton were still president do you think he would decide that Porn sites are critical infrastructure? Or just specific types of porn?

That is an excellent question that deserves an answer. I suggest that we immediately repeal the 22nd Amendment and reƫlect Bill.

Please?

Is more meant to insure an unrestricted access rather than having congress determine that a no government employee should have access to a specific type of site, and thus block the Secretary from getting data which might alter his decision as to which networks are deserving of or in need of protection.

Possibly. The problem is that "all relevant data" could include the data moving across the networks (to detect and analyze attacks, for example) and "any provision of law, regulation, rule, or policy restricting such access" could include all privacy and security laws except the Fourth Amendment.

(Fun question: if the President ordered the Secretary not to monitor a network, would that be considered a 'rule or policy restricting access' that the Secretary could disregard?)

Share this post


Link to post
Share on other sites

Agreed; as with a lot of legislation while the intent may be benign and clear the actual wording is so obscure and convoluted that even the authors are probably confused. Then along come the lawyers picking things apart to benefit themselves and if possible their clients and you wind up with a real mess which often has to be amended to restore the original intent, or at least come close.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now