One thing to keep in mind is that the president already has the authority to shut down parts of the Internet in emergencies.

The bill restates the power and expands it to make sure that any system that is too big to fail cannot be allowed to fail at the expense at the rest of the system. The analogy the bill’s authors use is that of the president’s power to order all aircraft to land in the event of a systemwide emergency. That power is — powerful! — but we’re generally OK with it. The Internet, of course, is different, in kind and expanse. There’s a broad sense that it should be free, unfettered, and allowed to evolve on its own. There’s a broad sense that the Internet is to citizens today what guns were to civillian militias of the founding era — the trenchline against tyranny.

Maybe the White House should have this power in extreme emergencies, but it had better be clear about what those emergencies entail, and it had better accept accountability if it oversteps its authority. There is, aside from the obvious definitional issues, an inherent trade-off in codifying this power, and it’s going to be tough to find a balance that satisfies everyone.

It’s a nice idea in theory, but probably a really bad idea in practice. If the comedy of post-9/11 airport security is any guide, we should expect that this bill would create many more problems than it solves.

From a UK/Euro perspective – the US switching-off the internet would have a huge global impact. I think this is a bit like hitting the red button and launching the nukes….while one ‘can’ do it there would be very significant consequences. I think for the vast majority of western businesses it is akin to cutting off the air until all the bad guys suffocate.

Whilst individual robust BCM/DR planning should suffice with a single incident, if all systems and businesses were hit at once there would be a very major problem. One can only imagine the knock-on loading on the other systems: telephony, power, transport, law and order…. almost certainly to failure point.

Just because one can does not mean one should.

Government + social security = BAD
Government + car makers = BAD
Government + fiscal balance = BAD
Government + healthcare = BAD
Government + medicaid and medicare = BAD
Government + control internet = BAD

Honestly, the government needs to stay out of control of the internet. We don’t need the hacks that ran the 911 commission, who most of forgot what their real job was to do, or that they original were the root of some of the issues.

There are plenty of ways to handle this, without the government interfering with our rights. If this was really important, why did it not included radio & TV? They both are major means of communication, and yet they are not, (maybe because they are an example of how private industry actual can work, and that has assisted the government in the past).

We need them to understand you don’t stop the bleeding by kill the people.

The second thing, as stated by others, is that the track record of the government to run or fix anything is pretty abysmal. With that in mind then how do they think they could even realistically be able to know when it is broke and then how to fix it and bring it back on line in any sort of timely fashion. So much of our economy is now reliant on the Internet that if it is not taken care of right then we are looking at an economic failure that will make the Great Depression look like a walk in the park!

There are other reasons too, but I think that will suffice to show why it is a really bad idea.

Well if an attack is coming from particular places/IPs, why not just block that? Can you imagine the economic impact of shutting down access for everyone? All Gore would be rolling in his grave.

Can’t we have a system similar to regional emergencies and declaration of war?
1. People on the scene claim it is an emergency, and communicate that up the chain of command (assuming the communications system is working effectively, unlike the break downs of some recent history emergencies)
2. The Governor or President declares a state of emergency, which pre-authorizes various kinds of actions by relevant agencies.
3. Congress needs to be contacted within a time limit, to get approval for the actions.
http://www.crunchgear.com/2009/08/28/proposed-law-would-give-white-house-%E2%80%98cybersecurity-emergency%E2%80%99-powers-over-the-internet/

The legislation is broad and ambiguous, as is a lot of legislation, and I expect amendments could make it worse. There’s more than one law involved.
http://thehill.com/component/content/article/545-technology/56947-obamas-power-over-internet-central-to-cybersecurity-debate

I agree that government agencies have been doing a poor job with cyber security, and staying current with evolving technology, so whoever is placed in charge of national cyber security should not be the people who have been flunking the job.
http://blogs.computerworld.com/14627/obamas_emergency_powers_over_internet_cybersecurity_bill_s_773

Maybe we should review what the bill actually says, rather than what people fear is in there.

What is listed, below, seems to me to be duplicating earlier legislation, for example, creating an office or officer to have certain responsibilities, where in the past we have had such an office or officer either unoccupied (no one has the job), or unable to do the job, due to lack of cooperation with other government agencies.

There is also a link here to a summary of current contents of the bill, which I am sure will be modified before it goes to Senate vote.

http://commerce.senate.gov/public/index.cfm?FuseAction=PressReleases.Detail&PressRelease_id=bb7223ef-1d78-4de4-b1d5-4cf54fc38662

KEY PROVISIONS OF COMPREHENSIVE CYBERSECURITY LEGISLATION:

• Significantly raising the profile of cybersecurity within the Federal government and streamlining cyber-related government functions and authorities.

• Promoting public awareness and protecting civil liberties.

• Remaking the relationship between government and the private sector on cybersecurity.

• Fostering innovation and creativity in cybersecurity to develop long-term solutions.

An important component of this legislation is to establish the Office of the National Cybersecurity Advisor within the Executive Office of the President. The National Cybersecurity Advisor will lead this office and report directly to the President. The Advisor will serve as the lead official on all cyber matters, coordinating with the intelligence community, as well as the civilian agencies.

I hope that the effort, to figure out what the heck to do, utilizes the guidance of the 9-11 commission members. They did a lot of analysis of the 9-11 problem where Police & Fire radio communications unable to inter-connect. There was also the problem where WTC towers hosted cell phone tower communications. Similar situation in Katrina, where the storm knocked out cell phone towers. The main issue was an over-dependency on a communications system that could be knocked out in an emergency.

RISKS http://catless.ncl.ac.uk/Risks/ has MANY illustrations of this principle.

There are systems with emergency backup generators that need fuel from systems that don’t work without power.

There are military systems running on Windows based systems that can experience the blue screen of death. Several navy ships have had to be towed back to port. A small fortune has been spent on air force planes that cannot fly, when clouds in sky, because of software problems.

The Internet was originally supposed to be designed so that the nation could inter-communicate in an emergency. I don’t suppose it still is that way.

ATM’s in South Africa are rigged to pepper spray crooks who try to tamper with the mechanism to install a skimmer, so as to incapacitate them until the cops arrive. Recently legitimate repair men have got hit with this, and there is the risk that hackers will figure out how to incapacitate customers as they use their debit cards, so as to rob them blind.

Technology schemes are all too often implemented without sufficient common sense to avoid crooks misusing them. Setup a kill switch, and the first people to use them will be crooks. Like computerized elections, some systems are a strong magnet to attract mischef makers.