Act to Strengthen Cybersecurity Actually Threatens Business and Freedoms

Ara Trembly
Insurance Experts' Forum, January 4, 2010

Sometimes it’s hard to know whether Congress does the things it does to protect us or to make it appear that they are protecting us while actually doing nothing or, worse, hurting us. Given this lack of clarity, it is no small wonder that these legislators consistently garner abysmal approval ratings from the American public.

The latest bit of foolishness circulating in the Senate is the Cybersecurity Act of 2009. Introduced in April 2009, this bill is “designed to address our nation's vulnerabilities to cyber crime, global cyber espionage, and cyber attacks,” according to “It would establish a new Cybersecurity Advisory Panel within the White House and streamline the cybersecurity effort through all levels of government.”

Sounds good so far, but wait, there’s more. notes that the bill also “calls on the Department of Commerce to establish and maintain a clearinghouse on information related to cybersecurity threat and vulnerability information to public and private infrastructure deemed ‘critical’ by the President. The Secretary of Commerce would be given access to this information ‘without regard to any provision of law, regulation, rule, or policy restricting such access’ (italics mine).”

The bill would give the President new authority to “declare a cybersecurity emergency and order the limitation or shutdown of Internet traffic to and from any compromised Federal Government or United States critical infrastructure information system or network." The bill does not, however, define what constitutes an emergency, leaving it to the judgment of the President and/or the Secretary of Commerce.

In other words, the President or Secretary would have the authority to partially or totally shut down the Internet, and no law or judge or senator or congressperson could stop them. Does this still sound like a good idea, or is it abuse of power waiting to happen?

Now I make no secret of the fact that I believe the Obama administration has been a naïve, grossly ineffective and morally compromised enterprise, but I really don’t want ANY President—Washington, Jefferson, Lincoln, Roosevelt, Reagan, Bush (either one)—to have that kind of power over the very engines of our commerce. Needless to say, we don’t want to give that much clout to some politically appointed bureaucrat either. Just picture a scenario under which one of these legislatively enabled demigods decides to whack the insurance industry because someone paid too many bonuses to executives. Too extreme? Well, maybe they could just cripple insurance commerce for certain companies who didn’t fork over the proper political donations.

The point is that we can’t trust absolute power not to corrupt absolutely. Further, there is really no need to give the federal government—not exactly the poster child for running effective businesses—the unrestrained right to turn the faucets of commerce on and off for any reason they deem proper. If there really is a national cybersecurity emergency, we can all figure out that law enforcement—still working within our system of checks and balances—may have to become involved and may even have to take draconian measures to halt damage.

Most of us would have no problem with legislation that would provide funding for cybersecurity research, and the best defenses for federal systems. That’s what this bill really needs to be about. To simply create a pair of cyber-dictators and think that this will solve our problems is scary in a way that shouldn’t even enter the American consciousness.

From here this looks like a needless and shameless power grab on the part of politicians whose appetite for power knows no limits. This bill as it stands is a danger to commerce, to a healthy business climate, and even to public privacy (Big Brother really will be watching you). It must be radically changed, or soundly defeated.

Ara C. Trembly ( is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at

The opinions posted in this blog do not necessarily reflect those of Insurance Networking News or SourceMedia.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

The Pitfalls of Using Assembly Line Methods to Create Software

Most of the time, when the business needs IT, it is for custom software development, just like creating a concept car.

Wearables and Gamification in Life Insurance Goes Mainstream?

With so many U.S. households still uninsured, insurers are going have to try new things to re-position their product, focusing on consumer needs.

Will John Hancock Vitality Transform Insurance?

The Vitality program integrates this information directly into the rewards, giving you credit for the exercise, just by virtue of reporting it.

Why Customers Should Want Innovative Insurers

At a time when confidence in the insurance industry has been compromised, innovative companies can break the mold.

Five Ways to a Positive User Experience

The user experience can make or break an application. Here are five ways to measure whether itís positive or negative.

Innovation & Insight Day Recap

The Insurance Team recognized fifteen model banks across five categories: Digital; Data Mastery; Legacy and Ecosystem Transformation; Innovation and Emerging Technologies; and Operational Excellence.