Posted on 06/30/2010 6:03:39 AM PDT by Bad~Rodeo
Cyberspace Security bill, dubbed Internet Kill Switch has passed the Senate.
Internet kill switch gets Senate approval by President Obama. The cyberspace security bill that will give President Barack Obama the power to shut down the Internet has passed. However, the bill does give the government limited power in the communications sector.
"Our responsibility for cyber defense goes well beyond the public sector because so much of cyberspace is owned and operated by the private sector," Senator Joe Lieberman said in a statement. "The Department of Homeland Security has actually shown that vulnerabilities in key private sector networks like utilities and communications could bring our economy down for a period of time if attacked or commandeered by a foreign power or cyber terrorists."
Kill Switch is a term that critics have coined because they believe the White House is using the cyberspace bill as a way to control the Internet. However, the Senate has disputed this fiercely and point out that this new law actually limits the president's power over communication. In fact, the Communications Act of 1934, which was still in place, offered far more control without any of the necessary updates for modern technology.
The Protecting Cyberspace bill as a National Asset Act will create the White House Office for Cyberspace Policy and a National Center for Cyber-security and Communications. These agencies will be dedicated
(Excerpt) Read more at newsoxy.com ...
I blame REpublicans too...they did not make enough noise about this...
b@st@rds.
Lieberman is anti freedom.
Republicans are useless anymore. Its like they have just given up. I don’t expect much out of them even if we do win back the House and Senate.
I guess a joke about a presidential kill switch would be entirely inappropriate, right?
bookmark.
another bill to defund after november.
Big Brother is watching.....
“Republicans are useless anymore. Its like they have just given up. I don’t expect much out of them even if we do win back the House and Senate.”
Me, either. We need to kick those quivering girly-men out along with the RATS and put some new blood in there. People who actually love our country, care about our constitution and have principles.
Probably but the thoughts are delicious.
Better use our “kill switch” in November, America, while we still have it...
Yes, and, indeed, one of the bill's two co-sponsors is a Republican, Senator Susan Collins of Maine.
R i i i i i g g h h t . . . .
Perhaps....but do you really believe that the GOP will repeal this? Obama kept Bush's warrantless wiretaps and the GOP will keep the kill switch. The Demopublicans both hate our liberty and love power.
I can understand in a normal society, the president, in the name of national security, having some control over the internet, or any communications.
Giving that power to Obambie, however, is like giving a loaded gun to a 4 year old kid.
Orwell wrote:
WAR IS PEACE
FREEDOM IS SLAVERY
IGNORANCE IS STRENGTH “
I think I should reread 1984. By the way it is available online for free, though reading an entire book on your computer can be a bit irritating.
http://www.george-orwell.org/1984/0.html
Obama is the most “orwellian” President ever in the way he talks. They all did it to a degree, but his is light years past all of them.
And the Senate has such a great track record of expertise re: technology, space, and so many other areas -- most of which have nothing to do with their Constitutionally-defined role...
All the more reason to demand TERM LIMITS. Career politicians are the core of the problem; public "servants" have morphed into masters!
Unfortunately, I don't believe that the relevant section of this bill has any spending that we can defund; it only authorizes some reimbursements:
`SEC. 249. NATIONAL CYBER EMERGENCIES.
`(a) Declaration-
`(1) IN GENERAL- The President may issue a declaration of a national cyber emergency to covered critical infrastructure. Any declaration under this section shall specify the covered critical infrastructure subject to the national cyber emergency.
`(2) NOTIFICATION- Upon issuing a declaration under paragraph (1), the President shall, consistent with the protection of intelligence sources and methods, notify the owners and operators of the specified covered critical infrastructure of the nature of the national cyber emergency.
`(3) AUTHORITIES- If the President issues a declaration under paragraph (1), the Director shall--
`(A) immediately direct the owners and operators of covered critical infrastructure subject to the declaration under paragraph (1) to implement response plans required under section 248(b)(2)(C);
`(B) develop and coordinate emergency measures or actions necessary to preserve the reliable operation, and mitigate or remediate the consequences of the potential disruption, of covered critical infrastructure;
`(C) ensure that emergency measures or actions directed under this section represent the least disruptive means feasible to the operations of the covered critical infrastructure;
`(D) subject to subsection (f), direct actions by other Federal agencies to respond to the national cyber emergency;
`(E) coordinate with officials of State and local governments, international partners of the United States, and private owners and operators of covered critical infrastructure specified in the declaration to respond to the national cyber emergency;
`(F) initiate a process under section 248 to address the cyber vulnerability that may be exploited by the national cyber emergency; and
`(G) provide voluntary technical assistance, if requested, under section 242(f)(1)(S).
`(4) REIMBURSEMENT- A Federal agency shall be reimbursed for expenditures under this section from funds appropriated for the purposes of this section. Any funds received by a Federal agency as reimbursement for services or supplies furnished under the authority of this section shall be deposited to the credit of the appropriation or appropriations available on the date of the deposit for the services or supplies.
`(5) CONSULTATION- In carrying out this section, the Director shall consult with the Secretary, the Secretary of Defense, the Director of the National Security Agency, the Director of the National Institute of Standards and Technology, and any other official, as directed by the President.
`(6) PRIVACY- In carrying out this section, the Director shall ensure that the privacy and civil liberties of United States persons are protected.
`(b) Discontinuance of Emergency Measures-
`(1) IN GENERAL- Any emergency measure or action developed under this section shall cease to have effect not later than 30 days after the date on which the President issued the declaration of a national cyber emergency, unless--
`(A) the Director affirms in writing that the emergency measure or action remains necessary to address the identified national cyber emergency; and
`(B) the President issues a written order or directive reaffirming the national cyber emergency, the continuing nature of the national cyber emergency, or the need to continue the adoption of the emergency measure or action.
`(2) EXTENSIONS- An emergency measure or action extended in accordance with paragraph (1) may--
`(A) remain in effect for not more than 30 days after the date on which the emergency measure or action was to cease to have effect; and
`(B) be extended for additional 30-day periods, if the requirements of paragraph (1) and subsection (d) are met.
`(c) Compliance With Emergency Measures-
`(1) IN GENERAL- Subject to paragraph (2), the owner or operator of covered critical infrastructure shall immediately comply with any emergency measure or action developed by the Director under this section during the pendency of any declaration by the President under subsection (a)(1) or an extension under subsection (b)(2).
`(2) ALTERNATIVE MEASURES- If the Director determines that a proposed security measure, or any combination thereof, submitted by the owner or operator of covered critical infrastructure in accordance with the process established under section 248(b)(2) addresses the cyber vulnerability associated with the national cyber emergency that is the subject of the declaration under this section, the owner or operator may comply with paragraph (1) of this subsection by implementing the proposed security measure, or combination thereof, approved by the Director under the process established under section 248. Before submission of a proposed security measure, or combination thereof, and during the pendency of any review by the Director under the process established under section 248, the owner or operator of covered critical infrastructure shall remain in compliance with any emergency measure or action developed by the Director under this section during the pendency of any declaration by the President under subsection (a)(1) or an extension under subsection (b)(2), until such time as the Director has approved an alternative proposed security measure, or combination thereof, under this paragraph.
`(3) INTERNATIONAL COOPERATION ON NATIONAL CYBER EMERGENCIES-
`(A) IN GENERAL- The Director, in coordination with the head of the sector-specific agency with responsibility for covered critical infrastructure and the head of any Federal agency that is not a sector-specific agency with responsibilities for regulating the covered critical infrastructure, shall--
`(i) consistent with the protection of intelligence sources and methods and other sensitive matters, inform the owner or operator of covered critical infrastructure that is located outside of the United States and the government of the country in which the covered critical infrastructure is located of any national cyber emergency affecting the covered critical infrastructure; and
`(ii) coordinate with the government of the country in which the covered critical infrastructure is located and, as appropriate, the owner or operator of the covered critical infrastructure, regarding the implementation of emergency measures or actions necessary to preserve the reliable operation, and mitigate or remediate the consequences of the potential disruption, of the covered critical infrastructure.
`(B) INTERNATIONAL AGREEMENTS- The Director shall carry out this paragraph in a manner consistent with applicable international agreements.
`(4) LIMITATION ON COMPLIANCE AUTHORITY- The authority to direct compliance with an emergency measure or action under this section shall not authorize the Director, the Center, the Department, or any other Federal entity to compel the disclosure of information or conduct surveillance unless otherwise authorized under chapter 119, chapter 121, or chapter 206 of title 18, United States Code, the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801 et seq.), or any other provision of law.
`(d) Reporting-
`(1) IN GENERAL- Except as provided in paragraph (2), the President shall ensure that any declaration under subsection (a)(1) or any extension under subsection (b)(2) is reported to the appropriate committees of Congress before the Director mandates any emergency measure or actions under subsection (a)(3).
`(2) EXCEPTION- If notice cannot be given under paragraph (1) before mandating any emergency measure or actions under subsection (a)(3), the President shall provide the report required under paragraph (1) as soon as possible, along with a statement of the reasons for not providing notice in accordance with paragraph (1).
`(3) CONTENTS- Each report under this subsection shall describe--
`(A) the nature of the national cyber emergency;
`(B) the reasons that risk-based security requirements under section 248 are not sufficient to address the national cyber emergency; and
`(C) the actions necessary to preserve the reliable operation and mitigate the consequences of the potential disruption of covered critical infrastructure.
`(e) Statutory Defenses and Civil Liability Limitations for Compliance With Emergency Measures-
`(1) DEFINITIONS- In this subsection--
`(A) the term `covered civil action'--
`(i) means a civil action filed in a Federal or State court against a covered entity; and
`(ii) does not include an action brought under section 2520 or 2707 of title 18, United States Code, or section 110 or 308 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1810 and 1828);
`(B) the term `covered entity' means any entity that owns or operates covered critical infrastructure, including any owner, operator, officer, employee, agent, landlord, custodian, or other person acting for or on behalf of that entity with respect to the covered critical infrastructure; and
`(C) the term `noneconomic damages' means damages for losses for physical and emotional pain, suffering, inconvenience, physical impairment, mental anguish, disfigurement, loss of enjoyment of life, loss of society and companionship, loss of consortium, hedonic damages, injury to reputation, and any other nonpecuniary losses.
`(2) APPLICATION OF LIMITATIONS ON CIVIL LIABILITY- The limitations on civil liability under paragraph (3) apply if--
`(A) the President has issued a declaration of national cyber emergency under subsection (a)(1);
`(B) the Director has--
`(i) issued emergency measures or actions for which compliance is required under subsection (c)(1); or
`(ii) approved security measures under subsection (c)(2);
`(C) the covered entity is in compliance with--
`(i) the emergency measures or actions required under subsection (c)(1); or
`(ii) security measures which the Director has approved under subsection (c)(2); and
`(D)(i) the Director certifies to the court in which the covered civil action is pending that the actions taken by the covered entity during the period covered by the declaration under subsection (a)(1) were consistent with--
`(I) emergency measures or actions for which compliance is required under subsection (c)(1); or
`(II) security measures which the Director has approved under subsection (c)(2); or
`(ii) notwithstanding the lack of a certification, the covered entity demonstrates by a preponderance of the evidence that the actions taken during the period covered by the declaration under subsection (a)(1) are consistent with the implementation of--
`(I) emergency measures or actions for which compliance is required under subsection (c)(1); or
`(II) security measures which the Director has approved under subsection (c)(2).
`(3) LIMITATIONS ON CIVIL LIABILITY- In any covered civil action that is related to any incident associated with a cyber vulnerability covered by a declaration of a national cyber emergency and for which Director has issued emergency measures or actions for which compliance is required under subsection (c)(1) or for which the Director has approved security measures under subsection (c)(2), or that is the direct consequence of actions taken in good faith for the purpose of implementing security measures or actions which the Director has approved under subsection (c)(2)--
`(A) the covered entity shall not be liable for any punitive damages intended to punish or deter, exemplary damages, or other damages not intended to compensate a plaintiff for actual losses; and
`(B) noneconomic damages may be awarded against a defendant only in an amount directly proportional to the percentage of responsibility of such defendant for the harm to the plaintiff, and no plaintiff may recover noneconomic damages unless the plaintiff suffered physical harm.
`(4) CIVIL ACTIONS ARISING OUT OF IMPLEMENTATION OF EMERGENCY MEASURES OR ACTIONS- A covered civil action may not be maintained against a covered entity that is the direct consequence of actions taken in good faith for the purpose of implementing specific emergency measures or actions for which compliance is required under subsection (c)(1), if--
`(A) the President has issued a declaration of national cyber emergency under subsection (a)(1) and the action was taken during the period covered by that declaration;
`(B) the Director has issued emergency measures or actions for which compliance is required under subsection (c)(1);
`(C) the covered entity is in compliance with the emergency measures required under subsection (c)(1); and
`(D)(i) the Director certifies to the court in which the covered civil action is pending that the actions taken by the entity during the period covered by the declaration under subsection (a)(1) were consistent with the implementation of emergency measures or actions for which compliance is required under subsection (c)(1); or
`(ii) notwithstanding the lack of a certification, the entity demonstrates by a preponderance of the evidence that the actions taken during the period covered by the declaration under subsection (a)(1) are consistent with the implementation of emergency measures or actions for which compliance is required under subsection (c)(1).
`(5) CERTAIN ACTIONS NOT SUBJECT TO LIMITATIONS ON LIABILITY-
`(A) ADDITIONAL OR INTERVENING ACTS- Paragraphs (2) through (4) shall not apply to a civil action relating to any additional or intervening acts or omissions by any covered entity.
`(B) SERIOUS OR SUBSTANTIAL DAMAGE- Paragraph (4) shall not apply to any civil action brought by an individual--
`(i) whose recovery is otherwise precluded by application of paragraph (4); and
`(ii) who has suffered--
`(I) serious physical injury or death; or
`(II) substantial damage or destruction to his primary residence.
`(C) RULE OF CONSTRUCTION- Recovery available under subparagraph (B) shall be limited to those damages available under subparagraphs (A) and (B) of paragraph (3), except that neither reasonable and necessary medical benefits nor lifetime total benefits for lost employment income due to permanent and total disability shall be limited herein.
`(D) INDEMNIFICATION- In any civil action brought under subparagraph (B), the United States shall defend and indemnify any covered entity. Any covered entity defended and indemnified under this subparagraph shall fully cooperate with the United States in the defense by the United States in any proceeding and shall be reimbursed the reasonable costs associated with such cooperation.
`(f) Rule of Construction- Nothing in this section shall be construed to--
`(1) alter or supersede the authority of the Secretary of Defense, the Attorney General, or the Director of National Intelligence in responding to a national cyber emergency; or
`(2) limit the authority of the Director under section 248, after a declaration issued under this section expires.
`SEC. 250. ENFORCEMENT.
`(a) Annual Certification of Compliance-
`(1) IN GENERAL- Not later than 6 months after the date on which the Director promulgates regulations under section 248(b), and every year thereafter, each owner or operator of covered critical infrastructure shall certify in writing to the Director whether the owner or operator has developed and implemented, or is implementing, security measures approved by the Director under section 248 and any applicable emergency measures or actions required under section 249 for any cyber vulnerabilities and national cyber emergencies.
`(2) FAILURE TO COMPLY- If an owner or operator of covered critical infrastructure fails to submit a certification in accordance with paragraph (1), or if the certification indicates the owner or operator is not in compliance, the Director may issue an order requiring the owner or operator to submit proposed security measures under section 248 or comply with specific emergency measures or actions under section 249.
`(b) Risk-Based Evaluations-
`(1) IN GENERAL- Consistent with the factors described in paragraph (3), the Director may perform an evaluation of the information infrastructure of any specific system or asset constituting covered critical infrastructure to assess the validity of a certification of compliance submitted under subsection (a)(1).
`(2) DOCUMENT REVIEW AND INSPECTION- An evaluation performed under paragraph (1) may include--
`(A) a review of all documentation submitted to justify an annual certification of compliance submitted under subsection (a)(1); and
`(B) a physical or electronic inspection of relevant information infrastructure to which the security measures required under section 248 or the emergency measures or actions required under section 249 apply.
`(3) EVALUATION SELECTION FACTORS- In determining whether sufficient risk exists to justify an evaluation under this subsection, the Director shall consider--
`(A) the specific cyber vulnerabilities affecting or potentially affecting the information infrastructure of the specific system or asset constituting covered critical infrastructure;
`(B) any reliable intelligence or other information indicating a cyber vulnerability or credible national cyber emergency to the information infrastructure of the specific system or asset constituting covered critical infrastructure;
`(C) actual knowledge or reasonable suspicion that the certification of compliance submitted by a specific owner or operator of covered critical infrastructure is false or otherwise inaccurate;
`(D) a request by a specific owner or operator of covered critical infrastructure for such an evaluation; and
`(E) such other risk-based factors as identified by the Director.
`(4) SECTOR-SPECIFIC AGENCIES- To carry out the risk-based evaluation authorized under this subsection, the Director may use the resources of a sector-specific agency with responsibility for the covered critical infrastructure or any Federal agency that is not a sector-specific agency with responsibilities for regulating the covered critical infrastructure with the concurrence of the head of the agency.
`(5) INFORMATION PROTECTION- Information provided to the Director during the course of an evaluation under this subsection shall be protected from disclosure in accordance with section 251.
`(c) Civil Penalties-
`(1) IN GENERAL- Any person who violates section 248 or 249 shall be liable for a civil penalty.
`(2) NO PRIVATE RIGHT OF ACTION- Nothing in this section confers upon any person, except the Director, a right of action against an owner or operator of covered critical infrastructure to enforce any provision of this subtitle.
`(d) Limitation on Civil Liability-
`(1) DEFINITION- In this subsection--
`(A) the term `covered civil action'--
`(i) means a civil action filed in a Federal or State court against a covered entity; and
`(ii) does not include an action brought under section 2520 or 2707 of title 18, United States Code, or section 110 or 308 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.