October 7, 2009
Our nation can be threatened not only by physical attacks on terra firma, but also in Cyberspace. Indeed, Cyber attacks could threaten all sorts of mission critical systems.
For this reason, aides to Senator Jay Rockefeller reportedly have been working recently on a revised draft Senate bill that would give the President broad powers in the event of a Cybersecurity emergency, and that apparently would go so far as allowing the President to temporarily seize control over computer networks in the private sector.
This power is akin to the power President Bush exerted when he grounded commercial aircraft in the wake of the September 11, 2001 World Trade Center and Pentagon attacks, according to a reported Senate source.
The revised draft Senate bill calls on the President, within 180 days of enactment, to develop and implement a comprehensive national Cybersecurity strategy. This strategy is to provide a “long-term vision of the Nation’s Cybersecurity future” and a plan that “encompasses all aspects of national security,” which would include private sector involvement.
[efoods]Importantly, the revised draft Senate bill sets forth that “in the event of an immediate threat to strategic national interests involving a compromised Federal Government or United States critical infrastructure information system or network,” the President may declare “a Cybersecuirty emergency” and may, if deemed necessary by the President for “the national defense and security,” direct “the national response to the Cyber threat” and the “timely restoration of the affected critical infrastructure information system or network.”
This is a mouthful, of course. But what it boils down to is that, if this becomes law, the President will be able to declare a Cybersecurity emergency and then direct the response to that threat. This would give the President very broad power.
Some might argue that this open-ended power and flexibility are exactly what the President would need to cope with the unusual circumstances that could be encountered by various types of Cyber attacks.
Others might argue that the revised draft Senate bill is too vague in terms of the scope of authority ceded to the President, and that there should be greater specificity to ensure that unbridled power is not abused potentially in the future.
Plainly, the United States needs a chain of authority and plans and measures designed to prevent and then cope with possible Cyber attacks. However, whether the revised draft Senate bills gets off the ground and becomes law as is remains to be seen.