Written by Jim Harper, Director of Information Policy Studies at the Cato Institute. Posted with permission from Cato @ Liberty.
A year ago, almost to the day, I blogged about a legislative package on cybersecurity being proposed in the Senate. “Soviet-Style Cybersecurity,” I called it, because of the “centralizing and deadening effect” it would have on the many and varied efforts to respond to the many problems lumped together as “cybersecurity.” President Obama’s new executive order, titled “Improving Critical Infrastructure Cybersecurity,” has similar, if slightly more sinister, qualities.
To understand my thinking in this area, you must first understand the concepts in a superlative law review article I first read when I was doing oversight of the regulatory process as a congressional staffer. “Administrative Arm-Twisting in the Shadows of Congressional Delegations of Authority” is by University of Flordia law professor Lars Noah. In it, he described the administrative practice of imposing sanctions or withholding benefits in order to elicit “voluntary compliance” from regulated entities. The upshot? There is no “voluntary” when businesses are repeat players or under ongoing supervision of an agency.
The cybersecurity executive order has arm-twisting all over it.
This weekend Mitt Romney announced that his running mate would be Congressman Paul Ryan from Wisconsin. Ryan gained a lot of notoriety recently with his better-than-Obama’s budget proposal, which aimed to balance the budget in the next 3 or 4 decades.
It’s a sad day for conservatives when the hero to save them from their budget woes needs 30+ years to balance the budget.
Still, Ryan is the latest non-libertarian making waves about balancing the federal budget, so I would like to believe that Romney’s pick of Ryan is more about sending a message that he is (or that he wants to be) serious about fiscal issues rather than a pick to appease the Tea Party folks who don’t really care for Romney.
I am, however, a bit confused over the Tea Party excitement of Ryan. Sure, Romney could have made a worse choice, but Tea Party leaders are acting like the problems with Romney have vanished now that Ryan is on the ticket.
Let’s remember this is the same Paul Ryan who not only supported TARP but went to the floor of the House to beg his colleagues to do the same. This is the same Paul Ryan who supported the auto bailouts. How do those positions qualify anyone as a fiscal conservative?
Legislators in Washington are at it again, working tirelessly to ruin a perfectly good Internet.
Maybe it would be different if they consulted with leaders in technological advancements to find out the implications of an idea. Or maybe they could ask what technology might break because of a bill. But that’s not how it works.
I imagine the Congressional discussions of Internet manipulation to be like a group of senior citizens sipping coffee at McDonald’s at 5:00 a.m. and fussing about those “dagburned Internet machines” taking over life as they once knew it.
Surely it can’t be that way, but when you read the legislation, you have to wonder.
SOPA and PIPA threatened to do all sorts of bad things to the Internet. There was a whole list of problems with that legislation, and though massive Internet protests managed to derail the bills, it’s worth noting that if not for those protests, SOPA and PIPA would have been passed with much bipartisan support.
Then CISPA came along, and while it wasn’t a brutal pillaging of core Internet technologies like SOPA and PIPA, it would have opened the door for some serious privacy issues. With full cooperation from the Heritage Foundation (which was an outright betrayal of the American public), House Republicans managed to pass CISPA and send it to the Senate, where it fortunately hasn’t gone anywhere – yet.
I spent most of Friday in disbelief.
The House was supposed to be considering the Cyber Intelligence Safety and Protection Act, otherwise known as CISPA, on Friday. Thursday I caught some rumors that it was being moved up a day, and when I got online Friday morning, I found that they had indeed voted on it, and it passed 248-168.
My disbelief wasn’t that it passed but rather that my Congressman, Tom Graves, had voted in favor of it. He has a 5-way conservative test for considering legislation, and I’m still not sure how CISPA passed his test. I think CISPA has some obvious Constitutional problems, and when I saw Graves’ vote, I felt (for lack of a better word) betrayed.
That’s not to say that Graves is awful and needs to be thrown out. On the contrary, Tom really is a pretty good Congressman, and he’s usually on the right side of an issue even before I offer my input on legislation. For example, he opposed NDAA, and he was opposing SOPA before everybody else. Graves wasn’t the only usually-good Congressman to vote for this bill. Several others shocked me with a vote for CISPA as well.
While asking around and looking for reasons why these Congressmen went the wrong way on this bill, I was told multiple times that The Heritage Foundation was a major influence in CISPA’s passing. How unfortunate. While The Heritage Foundation typically does a good thing, apparently when it’s wrong, it’s really wrong.
Yesterday evening, the House — acting a day earlier than scheduled — passed the Cyber Intelligence Sharing and Protection Act (CISPA) in the face of opposition from the White House and a skeptical Internet community:
The House on Thursday approved cybersecurity legislation that privacy groups have decried as a threat to civil liberties.
The Cyber Intelligence Sharing and Protection Act, or CISPA, sponsored by Reps. Mike Rogers (R-Michigan) and Dutch Ruppersberger (D-Maryland), passed on a vote of 248 to 168.
Its goal is a more secure internet, but privacy groups fear the measure breaches Americans’ privacy along the way. The White House had weighed in on Wednesday, threatening a veto unless there were significant changes to increase consumer privacy. The bill was amended to provide more privacy protections, but it was not immediately clear whether the Senate or the White House would give the amended bill its blessing.
During the debate in the House of Representatives over cyber-security, the White House issued veto threat over CISPA due to Internet privacy concerns. Despite that strong stance on a controversial piece of legislation, there have been a number of news stories recently showing various government agencies willingness to ignore constitutional protections to gain access to e-mail and other forms of electronic communication and files.
In fact, it’s the official policy of President Barack Obama’s Department of Justice (DOJ) and Federal Bureau of Investigation (FBI) that agents do not need a warrant when they want to gain access to e-mail and Facebook accounts:
The U.S. Department of Justice and the FBI believe they don’t need a search warrant to review Americans’ e-mails, Facebook chats, Twitter direct messages, and other private files, internal documents reveal.
Government documents obtained by the American Civil Liberties Union and provided to CNET show a split over electronic privacy rights within the Obama administration, with Justice Department prosecutors and investigators privately insisting they’re not legally required to obtain search warrants for e-mail. The IRS, on the other hand, publicly said last month that it would abandon a controversial policy that claimed it could get warrantless access to e-mail correspondence.
Nearly a week after the House of Representatives overwhelmingly passed the controversial legislation, it appears that the Cyber Intelligence Sharing and Protection Act — commonly known as CISPA — has been shelved, at least for now. Citing Internet privacy concerns, the Senate will not take up the bill, but will instead work on new legislation that addresses cyber attacks on the United States:
The Senate will not vote on a cybersecurity bill that passed the House earlier this month, according to two Senate staffers, dealing a blow to a measure that sparked opposition from privacy advocates and the White House.
Sen. Jay Rockefeller (D-W.V.), who is chairman of the Senate Commerce Committee, “believes that information sharing is a key component of cybersecurity legislation, but the Senate will not take up CISPA,” a committee staffer told HuffPost.
A staffer for the Senate Intelligence Committee said the committee also is working on an information-sharing bill and will not take up CISPA.
“We are currently drafting a bipartisan information sharing bill and will proceed as soon as we come to an agreement,” Sen. Dianne Feinstein (D-Calif.), chairwoman of the Senate Intelligence Committee, said in a statement Thursday.
The White House had already issued a veto threat on CISPA, citing privacy concerns, as ironic as that sounds given some of the things this administration has pushed. This is also quite similar to what happened last year when the House passed CISPA and it was killed by the Senate.
Nearly two months have passed since President Barack Obama signed an executive order dealing with cybersecurity. This move reignited the debate over CISPA, controversial legislation that has some very severe implications for Internet privacy.
Yesterday, the House Intelligence Committee approved CISPA, paving a path for a final vote in the House some time next week:
The House Intelligence Committee passed a controversial cybersecurity bill on an 18-2 vote Wednesday.
The Cyber Intelligence Sharing and Protection Act, known as CISPA, is expected to be voted on in the House next week with a set of other cybersecurity-focused bills.
House Intelligence Chairman Mike Rogers (R-Mich.) and ranking member Dutch Ruppersberger (D-Md.), the authors of the bill, expressed optimism that Wednesday’s markup vote signaled they have enough momentum to pass CISPA through the House, as it did last year.
While threats to infrastructure are very serious and should be addressed, Congress should be working for ways to protect Internet privacy and due process. That clearly has not been done with previous or current versions of CISPA. In fact, Declan McCullagh noted yesterday that amendments that were offered in committee that would have protected privacy were overwhelmingly voted down.
Should the government be snooping around you e-mails and cloud accounts? Given that there are constitutional safeguards in place to guarantee our privacy, one would think that the answer to this question would be obvious. But because federal laws haven’t been updated to cover online communication, law enforcement agencies haven’t bothered to obtain warrants for these searches. Additionally, efforts to pass SOPA, PIPA, and CISPA — bills that would have dire implications for online privacy and due process — are likely to resurface soon.
Grover Norquist, President of Americans for Tax Reform, and Laura Murphy, Director of the American Civil Liberties Union’s Washington Legislative Office, teamed up recently to discuss the issue of Internet privacy and to announce a joint effort to address this issue in an op-ed at Politico:
The essential elements of [the Electronic Communications Privacy Act] have not changed since 1986, and the courts have failed to keep pace, saying remarkably little about the Constitution’s application to new technology. Hence, the government can contend ECPA gives it the authority to ignore your privacy to an extent that would have shocked the framers of the Constitution.
Don’t look now, folks, but the Cyber Intelligence Sharing and Protection Act (CISPA) is making a comeback thanks to President Barack Obama.
Between the end of 2011 and early 2012, online activists were able to raise a firestorm over legislation — Stop Online Piracy Act (SOPA), PROTECT IP Act (PIPA), and CISPA — that would have severely diminished Internet privacy. Thanks to the outcry, all three bills eventually died.
According to a report yesterday from The Hill, President Obama will on Wednesday sign an executive order — completely bypassing Congress, which is becoming an all too familar pattern with this White House — that will implement cybersecurity measures from against attack on the United States:
The White House is poised to release an executive order aimed at thwarting cyberattacks against critical infrastructure on Wednesday, two people familiar with the matter told The Hill.
The highly anticipated directive from President Obama is expected to be released at a briefing Wednesday morning at the U.S. Department of Commerce, where senior administration officials will provide an update about cybersecurity policy.
The executive order would establish a voluntary program in which companies operating critical infrastructure would elect to meet cybersecurity best practices and standards crafted, in part, by the government.