Here’s yet another development coming out of Washington that web masters and search engine optimization professionals need to be aware of.
Internet companies and civil liberties groups were alarmed this spring when the Cybersecurity Act of 2009, S. 773, was introduced by Sen. Jay Rockefeller (D-WV). CNET News obtained a revised version of the bill to find out that it grants broad powers to the executive branch to seize temporary control of private-sector networks during a cybersecurity emergency.
Under this legislation, the president would be able to declare a “cybersecurity emergency” relating to “non-governmental” networks and do what’s necessary to respond to the threat. If passed, the new law would also create a federal certification program for “cybersecurity professionals” – managers of certain private sector computer networks and systems will be required to obtain this license.
Larry Clinton, president of the Internet Security Alliance, states “I think the redraft, while improved, remains troubling due to its vagueness. It is unclear what authority Sen. Rockefeller thinks is necessary over the private sector. Unless this is clarified, we cannot properly analyze, let alone support the bill.”
A source in the Senate close to the action equated this new authority to President Bush’s grounding of all aircraft amid the 9/11 terror attacks.
The revised bill would require all federal agencies to create a “cybersecurity workforce plan” and implement a “comprehensive national cybersecurity strategy” within 6 months. However, the legal review will take upwards of a year to complete.
Section 201 of the revised bill is perhaps the most controversial – it permits the President to “direct the national response to the cyber threat” if necessary for “the national defense and security.” The executive branch will be required to conduct “periodic mapping” of critical private networks and companies “shall share” requested information with the federal government.
The problem of course is that the bill does not detail what a “critical” network is and that is why there is much concern about this legislation. The bill does define the term “Cyber” as anything to do with the Internet, telecommunications, computers or computer networks. Overly broad we would say.
Read this article from CNET News and decide for yourself. We will keep tabs on the progress of this legislation and let you know of any further developments.