Blog

Act to Strengthen Cybersecurity Actually Threatens Business and Freedoms

Ara Trembly
Insurance Experts' Forum, January 4, 2010

Sometimes it’s hard to know whether Congress does the things it does to protect us or to make it appear that they are protecting us while actually doing nothing or, worse, hurting us. Given this lack of clarity, it is no small wonder that these legislators consistently garner abysmal approval ratings from the American public.

The latest bit of foolishness circulating in the Senate is the Cybersecurity Act of 2009. Introduced in April 2009, this bill is “designed to address our nation's vulnerabilities to cyber crime, global cyber espionage, and cyber attacks,” according to OpenCongress.org. “It would establish a new Cybersecurity Advisory Panel within the White House and streamline the cybersecurity effort through all levels of government.”

Sounds good so far, but wait, there’s more. OpenCongress.org notes that the bill also “calls on the Department of Commerce to establish and maintain a clearinghouse on information related to cybersecurity threat and vulnerability information to public and private infrastructure deemed ‘critical’ by the President. The Secretary of Commerce would be given access to this information ‘without regard to any provision of law, regulation, rule, or policy restricting such access’ (italics mine).”

The bill would give the President new authority to “declare a cybersecurity emergency and order the limitation or shutdown of Internet traffic to and from any compromised Federal Government or United States critical infrastructure information system or network." The bill does not, however, define what constitutes an emergency, leaving it to the judgment of the President and/or the Secretary of Commerce.

In other words, the President or Secretary would have the authority to partially or totally shut down the Internet, and no law or judge or senator or congressperson could stop them. Does this still sound like a good idea, or is it abuse of power waiting to happen?

Now I make no secret of the fact that I believe the Obama administration has been a naïve, grossly ineffective and morally compromised enterprise, but I really don’t want ANY President—Washington, Jefferson, Lincoln, Roosevelt, Reagan, Bush (either one)—to have that kind of power over the very engines of our commerce. Needless to say, we don’t want to give that much clout to some politically appointed bureaucrat either. Just picture a scenario under which one of these legislatively enabled demigods decides to whack the insurance industry because someone paid too many bonuses to executives. Too extreme? Well, maybe they could just cripple insurance commerce for certain companies who didn’t fork over the proper political donations.

The point is that we can’t trust absolute power not to corrupt absolutely. Further, there is really no need to give the federal government—not exactly the poster child for running effective businesses—the unrestrained right to turn the faucets of commerce on and off for any reason they deem proper. If there really is a national cybersecurity emergency, we can all figure out that law enforcement—still working within our system of checks and balances—may have to become involved and may even have to take draconian measures to halt damage.

Most of us would have no problem with legislation that would provide funding for cybersecurity research, and the best defenses for federal systems. That’s what this bill really needs to be about. To simply create a pair of cyber-dictators and think that this will solve our problems is scary in a way that shouldn’t even enter the American consciousness.

From here this looks like a needless and shameless power grab on the part of politicians whose appetite for power knows no limits. This bill as it stands is a danger to commerce, to a healthy business climate, and even to public privacy (Big Brother really will be watching you). It must be radically changed, or soundly defeated.

Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at ara@aratremblytechnology.com.

The opinions posted in this blog do not necessarily reflect those of Insurance Networking News or SourceMedia.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

Don’t Wrap Your Organization Too Tight With Metrics

Metrics provide a picture of how business is going, and systems are performing. But do they provide the right picture?

Insurance: The Original Shared Economy

Insurers should look to revisit the roots of the insurance process.

The Seven Flavors of Virtualization

There is no one single form of virtualization rather, different parts of the IT infrastructure require different approaches.

Can New Technology Turn Older Cars into Safer Cars?

Unless you have the means and motivation to buy a new car every year, your newest car is quickly about to become an older car.

What if Someone Kickstarted an Insurance Company

Our industry is evolving and implementing new innovations, particularly focusing on the customer experience, including the web and mobile.

The Transformative CIO

Today's technology leaders are expanding well beyond their traditional role.