Dumb ideas never die in Washington; they’re just re-invented. One chestnut that simply refuses to expire would grant the president Mubarak-like power over the handful of private companies whose services provide the backbone of the Internet. Last month, Sen. Joseph I. Lieberman, Connecticut Independent, reintroduced legislation that had been widely panned last session as the “Internet kill switch.” Now the scheme has been re-imagined with a warm-and-fuzzy title meant to allay concerns.
The Cybersecurity and Internet Freedom Act of 2011 remains unchanged in key respects. It still gives the White House authority to declare a vaguely defined “cyber emergency” that empowers bureaucrats to issue directives to Internet companies with which they must “immediately comply.” All this would be done in the name of a threat to national security that has been wildly overhyped. “We know that cyber intruders have probed our electrical grid and that in other countries cyber attacks have plunged entire cities into darkness,” President Obama said in May 2009 remarks on cybersecurity.
This sky-is-falling routine has been around since 1996, when then-President Bill Clinton issued an executive order that led to the development of a similar plan called the Federal Intrusion Detection Network (Fidnet) that was to have major companies run their Internet connections through the government - for their own safety. “Because many of these critical infrastructures are owned and operated by the private sector, it is essential that the government and private sector work together to develop a strategy for protecting them and assuring their continued operation,” the order stated.
Even though Congress shot down Fidnet and subsequent iterations of the same concept, the United States hasn’t been plunged into darkness. In fact, the most significant power-grid failure in America was caused by overgrown tree limbs and lightning strikes. The online terror scenarios that have been just around the corner for the past 15 years never materialized. Politicians exaggerate the danger because they love nothing better than creating new programs no matter how redundant.
Mr. Lieberman’s bill would establish an Office of Cyberspace Policy within the White House to coordinate the federal and private-sector response to Internet security risks. Never mind that Mr. Obama already appointed a U.S. cybersecurity coordinator with the same mission in 2009. In 2006, Congress created the Department of Homeland Security’s Office of Cybersecurity and Communications, with many of the same functions. There’s also the White House Office of E-Government and Information Technology headed by the chief information officer for the government who’s charged with enhancing cybersecurity. The National Security Council has a Cybersecurity Office. There’s also a federal chief technology officer. So at best, Mr. Lieberman’s plan will do little more than ensure more interagency meetings and the production of additional reports and memos nobody will read.
The bill’s darker side gives the new office regulatory authority over the major companies that provide Internet services. These firms would be forced to file annual reports certifying compliance with whatever “security” policies the administration dreams up. These corporations also must submit extensive documentation and acquiesce to “physical or electronic inspection of relevant information infrastructure.”
Federalizing airport security with the Transportation Security Administration (TSA) has been a disaster. Mr. Lieberman’s plan amounts to the creation of an online equivalent of the TSA to boss around the private sector on computer security. The companies already involved have plenty of incentive to protect their multimillion-dollar investments without Big Brother giving them a pat down.