A new version of a controversial cyber-security bill has been introduced in the Senate with an emphasis on partnerships between the government and private sector. A previous draft of the bill touched off controversy last year when critics said it allowed the president to shut down the Internet in the event of a national emergency.
A new version of a
controversial cyber-security bill was introduced to the Senate March 17 with
updated language to lessen opposition from the tech industry and civil
libertarians.
The new draft avoids a
major sticking point regarding the
expansion
of presidential powers in the event of a national cyber-emergency.
When the bill was introduced last year, a provision that allowed the president
to declare a national emergency and "order the limitation or shutdown of
Internet traffic to and from any compromised Federal Government or
United States
critical
infrastructure information system or network" triggered a backlash from those
worried about the Oval Office having too much power.
In the new version of the
bill, there is an emphasis put on the president collaborating with industry to
develop plans for dealing with an emergency, and it states explicitly in Section
201 that the office of the president is not being given new powers or having
its current authority expanded by the bill.
"The Rockefeller-Snowe
initiative seeks to bring new high-level governmental attention to developing a
fully integrated, thoroughly coordinated public-private partnership," said Sen.
Olympia Snowe, R-Maine, a co-sponsor of the bill, in a
statement. "It is imperative that the public and private sectors marshal
our collective forces in a collaborative and complementary manner to confront
this urgent threat."
Along those lines, the
bill calls for the government to partner with industry to designate critical IT
infrastructure. In addition, the president is required to collaborate with
private sector critical infrastructure companies to identify the
best training
programs and industry practices. Companies will then be required
to meet those standards. If they fail two consecutive audits, the
companies would be required to work with the government and others in
their respective industry to develop a remediation plan.
"At this very moment,
sophisticated
cyber enemies are trying to steal our identities, our money, our business
innovations, and our national security secrets," said Sen. Jay Rockefeller, D-W.Va.,
another co-sponsor, in a statement. "This 21st century threat calls for a
robust 21st century response from our government, our private sector and our
citizens. Private companies and the government must work together to
protect our nation, our networks and our way of life from the growing cyber
threat."
A full summary of the
bill's provisions
can
be found here (PDF). The legislation is slated to be marked up March
24.
Email
Print
