Madison Ruppert, Contributing Writer
During the Senate’s major hearing on cybersecurity last week, Senator John McCain, a Republican from Arizona, announced that the Republicans in the Senate would introduce a bill to compete with S. 2105, also known as the Cybersecurity Act of 2012.
McCain seeks to give the NSA and the military previously unimaginable powers over civilian networks, even further expanding the ludicrous power over American citizens given to the military under the National Defense Authorization Act for Fiscal Year 2012 (NDAA).
This is similar to the conclusions drawn by a study conducted by the Massachusetts Institute of Technology (MIT), which unsurprisingly had a long list of corporate “advisers” who would directly benefit from such a centralization.
Although, even the legislation as it is currently being considered follows the study’s recommendations by putting the power in the hands of DHS. McCain would apparently rather see that power in the military’s hands.
The Cybersecurity Act of 2012 is currently being supported by the chairmen of not only the Senate’s Homeland Security committee but also the chairs of the commerce and intelligence committees as well.
The current bill is cosponsored by Senators Joseph Lieberman, a Connecticut Independent, Jay Rockefeller, a West Virginia Democrat and Dianne Feinstein, a Democrat from California.
McCain spoke out against rushing the debate on this legislation and instead called for widening the role of the National Security Agency (NSA) in cybersecurity matters domestically.
On the February 16 hearing of the Senate Homeland Security and Governmental Affairs Committee McCain said that the fact that similar legislation has been introduced in the past by Lieberman and Senator Susan Collins, a Maine Republican, in the past does not mean that this new bill should be rushed to a vote.
“To suggest that this bill should move directly to the Senate floor because it has ‘been around’ since 2009 is outrageous,” McCain said.
“First, the bill was introduced two days ago. Secondly, where do Senate Rules state that a bill’s progress in a previous congress can supplant the necessary work on that bill in the present one?”
McCain said that even though previous sessions of Congress had debated the bill, it was a different set of senators who must now consider the legislation.
This is quite a valid point given that just the homeland security committee alone has four Republicans who were not Senators back in 2009.
Instead of treating “the last Congress as a legislative mulligan by bypassing the committee process and bringing the legislation directly to the floor,” McCain says that Congress should be deliberating with transparency.
This includes holding markup sessions and open debate instead of circumventing the legislative process and just placing it on the calender immediately.
However, this is only part of McCain’s problems with the proposed bill.
He says that the legislation places most of the responsibility to protect American information systems on the Department of Homeland Security (DHS), something which he believes to be a mistake.
McCain says that while the legislation would force the DHS to enlarge its mission and size in order to meet the mandates of the bill, the NSA and U.S. Cyber Command (USCYBERCOM) already have the resources and know-how to meet the mandates.
The problem here is that the NSA and the military, which USCYBERCOM is part of, currently do not have the legal authority to go in and secure civilian networks.
So, McCain seeks to introduce legislation to change that, giving the military even more unprecedented powers over civilians in the United States.
Following the hearing, Lieberman made a statement in which he nonsensically claimed that he “feels like it is September 10, 2001” and that “The system is blinking red — again. Yet, we are failing to connect the dots — again. We have come so far and in such a bipartisan way that we cannot allow this moment to slip away from us. We need to act now to defend America’s cyberspace as a matter of national and economic security.”
It seems quite clear to me that this is the typical fear mongering leveraged by our so-called representatives in order to suppress critical thinking and debate over policies like this.
“I am heartened that Republicans will offer their own cybersecurity proposal so that we can engage in rigorous debate and pass badly needed legislation this year,” Lieberman said, according to Homeland Security Today, although both proposals are far from acceptable in my humble opinion.
Both of the proposed bills take the power out of the hands of the American people and give it to centralized government agencies. The only significant difference is that McCain wants the NSA and the military to be in control and Lieberman and others want it to be the DHS with all the power.
It doesn’t make a bit of difference to me or anyone else who opposes giving the government even more power than they already have, especially when it comes to the private sector.
After all, if the government can’t even manage to keep their drone fleet secure, who in their right mind would task them with securing a sensitive civilian network?
The fear mongering being used by Lieberman is becoming almost sickeningly pervasive surrounding this legislation – and that is usually far from a good sign.
“The warnings of our vulnerability to a major cyber attack come from all directions and countless experts, and are underscored by the intrusions that have already occurred. Each day we fail to act, the threat increases to our national and economic security,” Collins said.
The second sentence of this statement from Collins is eerily reminiscent of the rhetoric that has been used time and time again to scare the American people into accepting federal tyranny.
Hopefully most of us are now able to see past their attempts to pull our heart strings and bypass all critical thinking faculties and thus reject any and all of this alarmist language.
McCain objected to the aspect of the cybersecurity legislation that tasks the DHS with carrying out risk assessments of businesses that they determine to be part of “critical infrastructure.”
While businesses would be allowed to appeal their designation, if they were deemed to be part of this critical infrastructure they would have to undergo annual re-certification of their cybersecurity standards.
As per usual, the program is incentivized in order to get companies to readily accept being controlled by the federal government.
In this case, companies who are deemed to be “in compliance with the regulations” would be given liability protection by the government for cyberattacks on their infrastructure so long as they maintain the standards set by the DHS.
McCain said that this process would be too burdensome for American companies, a position shared by the U.S. Chamber of Commerce and former Homeland Security Secretary Tom Ridge who spoke on behalf of the Chamber of Commerce at the hearing on February 16.
During the hearing Ridge stated that more government regulation would simply be too costly and ineffective for protecting information systems, and I couldn’t agree more (something which I honestly thought I would never say in reference to Tom Ridge).
The government has proven time and time again that they are wildly incompetent at securing their own networks, so why would we ever allow them to have dominion over the civilian sector? It simply makes no sense whatsoever.
McCain then exploited the traditional free-market thinking in an attempt to make the American people think he is working for job creation and innovation, not instead to give the military as much control as possible.
“Additionally, if the legislation before us today were enacted into law, unelected bureaucrats at the DHS could promulgate prescriptive regulations on American businesses, which own roughly 90 percent of critical cyber infrastructure,” McCain said.
“The regulations that would be created under this new authority would stymie job creation, blur the definition of private property rights and divert resources from actual cybersecurity to compliance with government mandates. A super-regulator, like DHS under this bill, would impact free market forces, which currently allow our brightest minds to develop the most effective network security solutions,” he added.
McCain also claimed that making the DHS carry out the bill’s mandates would require growth of the agency which would thus cost more for the taxpayer, however, he failed to present evidence showing that the costs would be greater under the DHS or the NSA/military’s command.
Either option is unacceptable in my view, and this is one case where there is no lesser of two evils, really.
McCain claims that is legislation, which he plans to introduce soon, will be “fundamentally” different from the current bill.
He says that he will introduce it with other Republican senators including Kay Bailey Hutchinson of Texas, Saxby Chambliss of Georgia, Lisa Murkowski of Alaska and Charles Grassley of Iowa.
The fundamental difference seems to be essentially a rhetorical one, with McCain claiming that his legislation would create a collaborative relationship with businesses focusing on the sharing of information, whereas he characterizes the currently proposed bill as creating an adversarial relationship through regulations.
While the bill will not be introduced until the senators return from recess, it includes many more provisions than just increasing information sharing between the NSA/military and the private sector.
McCain claimed it will also act to reform the Federal Information Security Management Act, funnel more federal investments towards cybersecurity and even update the criminal code regarding cybercrime (likely increasing the penalties and punishments, one would assume).
All in all, this is really like choosing between chugging a glass of cyanide or having your head blown off with a 12 gauge shotgun. Either way, you’re screwed but if someone tried hard enough they might be able to convince you that one way is better than the other.
In my view, both of these proposed bills are wholly unacceptable and we should do everything to resist more power being put in the hands of criminal agencies like the DHS, NSA and the ever-more-powerful military.
The last thing we need is for the American people to be even more controlled by centralized agencies.
What do you think? Did I miss something? Want to tip me off to another story? Email me at [email protected] with whatever information you have.