Friday, June 25, 2010

ALA proposes significant improvements to Protecting Cyberspace as a National Asset Act of 2010

 In anticipation of a June 24th Senate mark-up on the Protecting Cyberspace as a National Asset Act of 2010 (S. 3480), the ALA sent a letter, in conjunction with the Surveillance Coalition, proposing significant improvements to the legislation.
Senator Joe Lieberman (I-CT.), chair of the Senate Committee on Homeland Security and Governmental Affairs, introduced the bill earlier this month.  Cosponsors, at this time, are Senators Thomas Carper (D-DE.) and Susan Collins (R-ME.)  The Surveillance Coalition includes OpenTheGovernment.org, the ACLU, the Center for Democracy and Technology and OMBWatch, in addition to ALA.
The bill’s sponsors propose creating an Office of Cyber Policy in the White House as well as a National Center for Cybersecurity and Communications within the Department of Homeland Security (DHS.)  The latter would be created to “enforce cybersecurity policies through the government and the private sector.”  Controversy has swirled around the bill because of what some critics describe as giving the president an “Internet kill switch” allowing the government to take over the Internet.

One such report quoted Lieberman as dismissing the notion that S. 3480 “would give the president access to an Internet kill switch…however, … the government needs to be able to ‘disconnect parts of its Internet in a case of war.’ (PCMag reports in Mobile Meta on June 23rd)   Lieberman added: “The president will never take over — the government should never take over the Internet,” Lieberman said during CNN’s “State of the Union,” according to a transcript.
But the Surveillance Coalition remains concerned about many free speech and privacy problems in the bill.   The group’s letter emphasizes the need “to ensure that cybersecurity measures do not unnecessarily infringe on free speech, privacy and other civil liberties interests.”
The coalition asks Lieberman and his committee to “clarify the scope of the legislation by restrictively defining CCI [critical communications infrastructure] so that cybersecurity responsibilities the bill imposes fall only on truly critical network components.”   The coalition also asks that the bill include a strict First Amendment scrutiny test to discern that “the action must further a compelling governmental interest and must be narrowly tailored to advance that interest.”
Many people remain concerned about S. 3480 and the implications for information sharing and privacy.  The bill would require CCI owners and operators to share cybersecurity “incident” information with [the Department of Homeland Security] DHS, which will share some of that information with law enforcement and intelligence personnel.   ALA, like others in the coalition, remains concerned that personally-identifiable information could be included.   The letter goes on to ask that the bill be changed to “ensure that information sharing activities be conducted only in accordance with principles of Fair Information Practices as articulated by the DHS Privacy Office.”   
The coalition also asks for more transparency and public reporting in its letter.  “While the bill includes several provisions requiring reports to Congress, including reports about cybersecurity emergencies about monitoring Internet traffic to and from government agencies for cybersecurity purposes, it should clarify that these reports must be made publicly.”
ALA will be closely monitoring the June 24th mark-up and will report on developments with this legislation as it moves forward.
Lynne Bradley, director
Office of Government Relations

No comments: