Analyst's note: You can bet we will be hearing more about the details of this one.
SAN FRANCISCO — A raging debate over new legislation, and its impact on the Internet, has tongues wagging and fingers pointing from Silicon Valley to Washington, D.C.
Just as the Egyptian government recently forced the Internet to go dark, U.S. officials could flip the switch if the Protecting Cyberspace as a National Asset legislation becomes law, say its critics.
Proponents of the bill, which is expected to be reintroduced in the current session of Congress, dismiss the detractors as ill-informed — even naive.
The ominously nicknamed Kill Switch bill is sure to be a flashpoint of discussion at the RSA Conference, the nation's largest gathering of computer-security experts that takes place here this week.
The bill — crafted by Sens. Joseph Lieberman, I-Conn.; Susan Collins, R-Maine; and Tom Carper, D-Del. — aims to defend the economic infrastructure from a cyberterrorist attack. But it has free-speech advocates and privacy experts howling over the prospect of a government agency quelling the communication of hundreds of millions of people.
"This is all about control, an attempt to control every aspect of our existence," says Christopher Feudo, a cybersecurity expert who is chairman of SecurityFusion Solutions. "I consider it an attack on our personal right of free speech. Look what recently occurred in Egypt."
[....] The autocratic government of former Egyptian president Hosni Mubarak ordered the shutdown of four major Internet service providers, effectively shuttering the Internet in Egypt for several days. Could that happen in the U.S. if the bill becomes law?
In the U.S., there are 2,000 to 4,000 Internet providers, many of whom virulently oppose government interference that would put a clamp-down on their businesses.
[....] Proponents of the bill say it is narrowly crafted and does not intend to limit speech but to eliminate the vulnerability of critical systems such as banks, the power grid and telecommunications from attacks by terrorists or agents of hostile countries.
Indeed, the bill specifically does not grant the president power to act unless a cyberattack threatens to cause more than $25 billion in damages in a year, kill more than 2,500 people or force mass evacuations. The president would have the ability to pinpoint what to clamp down on without causing economic damage to U.S. interests, for anywhere from 30 to 120 days with the approval of Congress, according to the bill.
[....] It neither expressly calls for the creation of an Internet kill switch nor does it exclude one. It only requires the president to notify Congress before taking action, and it specifically prohibits judicial review of the president's designation of critical infrastructure. The non-profit Center for Democracy and Technology, in a measured letter to Lieberman, Collins and others, wants more specifics on the sweep of "emergency" measures mentioned in the bill.
"In our constitutional system of checks and balances, that concentrates far too much power in one branch of government," says Karr. "The devil is always in the details, and here the details suggest that this is a dangerous bill that threatens our free-speech rights. [....]"