Beyond CISPA: The cybersecurity bills you need to worry about right now

With CISA pushed to the back burner, the Senate is set to consider two alternative cybersecurity bills, both of which are far more expansive than CISPA — and each with many of the same problems, according to privacy advocates. Here is everything you need to know about the Cybersecurity Act of 2012 and the SECURE IT Act before they hit the Senate floor for a vote this month.

We’ve had a bit of a break from Congress’ cybersecurity legislative hoopla since the House passed the contentious Cyber Intelligence Sharing and Protection Act (CISPA) late last month. But with the Senate back from recess, the fight over Internet regulation is roarin’ and ready to roll.

Despite all the fears surrounding CISPA — a bill that would make it easier for the Federal government and businesses to share information (including users’ private communications) — the rumblings from Capitol Hill suggest that CISPA won’t even make it onto the Senate’s agenda, thanks to broad opposition from Senate Democrats and a veto threat from President Obama. (That’s right — you probably don’t have to worry about CISPA itself anymore, though that’s not saying much.) Instead, the Senate is expected to take up two alternative bills, the Cybersecurity Act of 2012 (CSA) sometime this week; and the SECURE IT Act, sometime this month.
Here is a (relatively) concise rundown of what these bills are, and why civil liberties advocates say they too threaten our individual privacy.

What is the Cybersecurity Act of 2012?

The Cybersecurity Act of 2012 (officially known as S. 2105, and often referred to in the press as the “Lieberman-Collins bill”) seeks to establish robust security standards to protect against “cyber threats,” with a particular emphasis on the protection of “critical infrastructure” networks in the U.S, such as electrical grids and air traffic control systems. Companies that operate such systems, assets, or networks would be required to prove to the government that they have certain safeguards in place to protect against cyberattacks.

Like CISPA, CSA also removes certain legal barriers to allow for greater information sharing between the government and the private sector. Finally, CSA establishes the Department of Homeland Security (DHS) as the Federal government’s lead agency for controlling the cybersecurity infrastructure.

Read the CRS summary of CSA here. Or read the full text here.

CSA was introduced to the Senate on February 14 by Homeland Security and Governmental Affairs Committee Chairman Joe Lieberman (I-CT), Ranking Member Susan Collins (R-ME), Commerce Committee Chairman Jay Rockefeller (D-WV), and Select Intelligence Committee Chairman Dianne Feinstein (D-CA). Only one other senator, Sen. Sheldon Whitehouse (D-RI), has co-sponsored the bill since its introduction, though it has explicit support from Senate Majority Leader Harry Reid (D-NV), and the Obama White House.

What is the SECURE IT Act?

Officially known as S. 2151 in the Senate, and H.R.4263 in the House, SECURE IT is a direct response to CSA. Like CSA and CISPA, both the Senate and House versions of SECURE IT remove legal barriers to allow for greater sharing of information between the government and businesses. Unlike CSA, however, SECURE IT does not establish a governmental regulatory system to oversee cybersecurity threats or to make sure that security standards are in place for critical infrastructure. Instead, SECURE IT provides a number of incentives to companies that choose to share “cyber threat information” with the Federal government.

Furthermore, SECURE IT establishes criminal penalties for a wide range of cybercrimes, from “trafficking in passwords” to causing damage to critical infrastructure networks or systems.

SECURE IT was first introduced by Sen. John McCain (R-AZ), and has seven co-sponsors in the Senate, all top-ranking Republicans. In the House, SECURE IT was introduced by Rep. Mary Bono Mack (R-CA), and has one co-sponsor.
Read the full text of S. 2151 here, and the full text of H.R. 4263 here.

What is the difference between the Cybersecurity Act of 2012 and SECURE IT?

Two words: government regulation
The fight over these two bills is classic Washington bi-partisanship. The Democrat-backed CSA establishes a governmental regulatory apparatus that would put in place certain mandatory security measures that private companies (specifically those that deal with critical infrastructure) would have to meet. While some say that CSA doesn’t go far enough towards enforcing these standards, Republicans don’t like this “big government” approach to cybersecurity at all. SECURE IT’s chief sponsor, Sen. John McCain, has called CSA a “regulatory leviathan.” And critics in the private sector insist that CSA would put harmful burdens on businesses. Read more

Advertisement

U.S. Special Forces Being Deployed to Protect “Security” of Yemen

When asked by reporters if U.S. troops would be sent to Yemen, Secretary of Defense Leon Panetta responded, “There’s no consideration of that. Our operations now are directed with the Yemenese going after al-Qaida.”

“No consideration” is exactly the type of vague and undefined phrase the American people have come to expect from representatives of the national government, particularly when it comes to questions about the interminable “War on Terror.”

In what would be a surprise to no one, just days before the Secretary of Defense made this pronouncement, the Obama administration announced that it would be sending troops (“military advisors” is the way the DoD classifies them) back to Yemen to help the Yemeni government track and kill militants associated with al-Qaeda in the Arab Peninsula (AQAP).

As readers may recall, U.S. armed forces were previously deployed to Yemen, but had been recalled after President Obama suspended the mission pending a resolution to the revolution in the host nation.

In February, after 30 years ruling the Middle Eastern country, Ali Abdullah Saleh was sent packing and a new government, one more friendly to drones and “boots on the ground” than the previous administration, took over. Upon hearing the good news, President Obama rescinded his previous order and now U.S. soldiers are back in Yemen.

In language eerily (and purposefully) similar to that used to describe our ongoing role in Afghanistan, the Chairman of the Joint Chiefs of Staff, General Martin Dempsey, told reporters that the goal of the American military mission in Yemen is to “build their capacity, not use our own.”

Naturally, Yemeni government officials echoed this assessment of the renewed joint venture.

Yemeni Foreign Minister Abu Bakr al-Kirby said that the deployment of U.S. troops into his country was a “routine military-to-military cooperation.”

That, say constitutionalists, is precisely the problem. It indeed has become global standard operating procedure to send in the U.S. military whenever some gang of militants needs to be tracked through the mountains in some distant land.

Just how will American “assets” help the Yemeni intelligence service and armed forces capture and eliminate the AQAP presence in that country?

A defense analyst at the Center for Strategic and International Studies in Washington, Anthony Cordesman, reports that, “Some of these you use to cooperate very closely with the Yemenis, and some you use to figure out who’s on first.”

The “small numbers of trainers” that the Pentagon has reintroduced into Yemen consist mainly of special operations units that are typically sent in to assist in the carrying out of covert operations.

What is just as likely is that these Special Forces units will assist the ongoing drone war being waged in Yemen. According to a report on CNN, there have been at least 15 drone strikes in Yemen this year.

Last year two Predator drones shot Hellfire missiles and killed three American citizens in Yemen: Anwar al-Awlaki, his 16-year-old son, Abdulraham al-Awlaki, and Samir Khan. Notably, none of these three men was ever charged with or tried for any crime. The Obama administration seems to favor the ease of remote-control killing of its enemies over the tedium of a trial and the use of drones over due process.

While such decisions demonstrate a lack of commitment by the President to the peace and stability of our constitutional republic, an executive order signed by him yesterday aims to protect the “peace, stability, [and] security of Yemen.”

According to a statement issued in conjunction with the signing of the edict:

This Executive Order will allow the United States to take action against those who seek to undermine Yemen’s transition and the Yemeni peoples’ clear desire for change. The President took this step because he believes that the legitimate aspirations of the Yemeni people, along with the urgent humanitarian and security challenges, cannot be addressed if political progress stalls.

This order unconstitutionally used the power of the U.S. government to block the “property and interests in property that are in the United States, that hereafter come within the United States, or that are or hereafter come within the possession or control of any United States person, including any foreign branch” of any person believed by the Obama administration to be threatening the security and stability of Yemen.

When paired with the indefinite detention provisions of the National Defense Authorization Act (NDAA), the President has been designated the arbiter of safety here and abroad. Should anyone, U.S. citizen or foreigner, be found to have aroused the suspicion of the White House, there is now “legal authority” to have those unfortunate individuals lose their homes, their money, and their freedom — all without being charged, tried, or convicted. READ MORE

Back to Chicago!

Obama’s budget was defeated yesterday in the Senate 99-0.
LIKE if you think it is time for Obama to go back to Chicago.