In the frenzied weeks following September 11, 2001, the Bush Administration ordered up a comprehensive plan to secure U.S. cyberspace. The idea was that the feds would require tech companies to protect the Web from a potential attack that could cost the economy billions.
Unfortunately, that's not what happened. Thanks to heavy lobbying by the tech sector, The National Strategy to Secure Cyberspace Report, released Sept. 18 by the White House, substitutes weak suggestions for tough directives. Gone from previous versions: a special government-and-industry-fed fund to be used to upgrade network security; requirements for Internet service providers to boost customer protection; and mandatory moves to enhance wireless-network security. Cybersecurity "is an area that cries out for government regulation, but the response has been `Yawn, ho hum,"' says Russ Cooper, an official at TrueSecure Corp. in Herndon, Va., which advises companies on Net security.
It's not just the powerful tech industry fending off regulators, either. The capital's wartime decision-making machinery is beset with lobbying battles being waged by an array of business groups upset by the cost, scope, or timetables of potential homeland security directives. As a result, Congress and the Administration have been forced, due to industry pressure, to backpedal on some much-needed security measures. That, many experts fear, could set the stage for future security lapses.
Indeed, business is waving a large hit list around Washington. U.S. commercial banks are resisting tighter controls on money laundering and transfers by suspicious individuals who may be financing terrorist cells. U.S. railroads are fighting standardized ID cards for all transportation workers. The food industry beat back legislation requiring it to trace the origins of all ingredients to their sources. Because of industry lobbying, "the food-safety provisions of the bioterrorism bill leave gaping holes that still need to be filled," says Caroline Smith DeWaal, director of food safety at the Center for Science in the Public Interest.
Chemical manufacturers, the nuclear industry, and the shipping industry are also engaged in holding actions. Shippers and their retail clients are resisting a proposal from the U.S. Customs Service that they register and seal the contents of cargo containers while still on foreign docks. While the nuclear power industry scrambled an effort by Democrats to federalize its guards, it is still trying to prevent the creation of new agencies to oversee plant security and waste disposal. The Nuclear Security Bill would create a top-level task force comprised of nine Cabinet-level officials and a new Office of Nuclear Security & Incident Response, which would stage simulated attacks by terrorists and urge changes if warranted. Such efforts would be "redundant," duplicating regulation already supplied by the Nuclear Regulatory Commission, insists the Nuclear Energy Institute, an industry group.
Washington's biggest skirmish is over the proposed Chemical Security Act, which would grant the Environmental Protection Agency the right to mandate and then evaluate terrorism-defense plans of companies that make, store, or use hazardous chemicals. The fear: The EPA, with its enforcement culture and penchant for informing the public, will reveal too many industry secrets.
It would be a mistake to assume that every regulatory proposal is a great idea just because there's a war to fight. But the political blocking and tackling in Washington is a far cry from the unified war effort by business and the government after the U.S. entered World War II. Today, too many business lobbyists seem more concerned with battling sensible security measures than in cooperating. When it comes to fighting terrorism, that's a penny-wise, pound-foolish approach.
By Paul Magnusson
With bureau reports