For more local news from India, visit Bloombergquint.com

Senators Dump Internet ‘Kill Switch’ for Cyber-Attack Response

The president can’t use emergency measures to order an Internet shutdown to combat cyber attacks, according to revised legislation introduced yesterday by three senators.

The 2011 Cybersecurity Freedom Act -- proposed by senators Joseph Lieberman, a Connecticut independent; Susan Collins of Maine; and Tom Carper, a Delaware Democrat -- is almost identical to the legislation the senators introduced in June with two exceptions.

The bill adds language that forbids the president from shutting down the Internet during a national crisis. It also permits owners of major computer systems deemed as critical infrastructure, and therefore subject to Homeland Security Department regulations, to appeal their status in federal court.

Concern about giving the president authority to shut down the Internet generated opposition among some businesses and consumer groups after Egypt’s President Hosni Mubarak blocked that country’s Internet access to try to quell protesters. The original bill had vague language about an Internet-kill switch and would have faced problems passing the House, said Rep. Mike McCaul, a Republican from Texas.

The controversies spurred the introduction of the new bill, said Lieberman, who heads the Senate Homeland Security and Governmental Affairs Committee. “We want to clear the air once and for all,” he said in an e-mailed statement. “There is no so-called ‘kill switch’ in our legislation because the very notion is antithetical to our goal of providing precise and targeted authorities to the president.”

Collins is the committee’s senior Republican and Carper also is a member of the panel.

Industry Likes Provisions

Industry welcomed the two new provisions, said Larry Clinton, the president of the Internet Security Alliance, an industry association in Washington.

“The kill switch idea was a distraction in the cybersecurity debate and brought up complexities that didn’t need to be brought up,” said Clinton in an interview today. “Now the committee can focus on the real issues at hand.”

Allowing companies to appeal in a federal court the designation of their systems as critical infrastructure is one step closer to better defining which companies should be classified as critical infrastructure, he said.

“There’s a lot of worry among industry that the designation of critical infrastructure is too broad and that many businesses will be required to submit to regulations under that definition that really shouldn’t be,” Clinton said. “I’m not sure if the provision as-is is adequate to gain full industry support, but it’s a step in the right direction.”

Google, Mastercard Attacked

Lawmakers are trying to craft legislation to improve U.S. cybersecurity after several large U.S. companies reported attacks on their computer networks in the past year. In March, Google Inc. stopped censoring searches in China and pulled out of the country after alleging attacks on its networks aimed at obtaining proprietary information and personal data on human-rights activists. In December, Mastercard Inc. and Visa Inc. said their websites were attacked by supporters of Wikileaks.

Last month, Senate Majority Leader Harry Reid introduced a placeholder bill aimed at tightening cybersecurity. The legislation, backed by the heads of seven Senate committees, would provide incentives to companies to assess their cybersecurity risks and safeguard their computers from attacks. Reid is working on the details of the bill.

Before it's here, it's on the Bloomberg Terminal. LEARN MORE