Egypt move revives US 'kill switch' debate

Some opponents of cybersecurity legislation wending its way through the US Congress have condemned the bill as a danger to free speech and civil liberties that would equip the White House with an Internet "kill switch."

Supporters deny it would confer any such power on the president.

As Hosni Mubarak cut his 80 million people off from the Web, the US senators behind the legislation denounced the move by the Egyptian president as "totally wrong" and leapt to the defense of their bill.

"(Mubarak's) actions were clearly designed to limit internal criticisms of his government," said Joe Lieberman, an independent from Connecticut, Susan Collins, a Republican from Maine, and Tom Carper, a Democrat from Delaware.

"Our cybersecurity legislation is intended to protect the US from external cyberattacks," Lieberman, chairman of the Homeland Security and Governmental Affairs Committee, Collins and Carper said in a joint statement.

"We would never sign on to legislation that authorized the president, or anyone else, to shut down the Internet," they said. "Emergency or no, the exercise of such broad authority would be an affront to our Constitution."

At the same time, the senators continued, "our current laws do give us reason to be concerned" and their bill, which has yet to reach the Senate floor, was designed to replace "broad and ambiguous" presidential authority with "precise and targeted" powers to be used only in a national emergency.

In June, the Electronic Frontier Foundation, American Civil Liberties Union and some two dozen other privacy, civil liberties and civil rights groups wrote a letter to Lieberman, Collins and Carper to express concern about the bill.

"Changes are needed to ensure that cybersecurity measures do not unnecessarily infringe on free speech, privacy, and other civil liberties interests," they said.

"The Internet is vital to free speech and free inquiry, and Americans rely on it every day to access and to convey information," the groups said. "It is imperative that cybersecurity legislation not erode our rights."

Taking note of the concerns, Lieberman, Collins and Carper said "we will ensure that any legislation that moves in this Congress contains explicit language prohibiting the president from doing what President Mubarak did."

"Our bill already contains protections to prevent the president from denying Americans access to the Internet -- even as it provides ample authority to ensure that those most critical services that rely on the Internet are protected," they said.

Cindy Cohn, the EFF's legal director and general counsel, said the latest version of the cybersecurity legislation was an improvement on its "draconian predecessors" but remained wary.

"The Egyptian regime's shutdown of the Internet in an attempt to preserve its political power highlights the dangers of any government having unchecked power over our Internet infrastructure," Cohn said in a blog post.

"The lesson of Egypt is that no one, not even the President of the United States, should be given the power to turn off the Internet.

"(Egypt's move) puts a fine point on the risks to democracy posed by recent Congressional proposals to give the president a broad mandate to dictate how our Internet service providers respond to cyber-emergencies," she said.

"Any proposal to give the president the ability to interfere with Internet access of Americans -- whether to address cyberattacks or for any other reason -- must be tightly circumscribed," she said.

"It must be limited to situations where there are serious and demonstrable external security threats and must be strongly checked by both Congressional and court review."

James Lewis, a cybersecurity expert at the Washington-based Center for Strategic and International Studies, said the cybersecurity bill sets the threshold for invoking the presidential powers "very, very high."

"It's not some arbitrary power to turn off the Internet," Lewis told AFP. "It's an authority consistent with other wartime authorities to act in an emergency.

"It's not an Internet kill switch," he said. "That's just insane. How do you kill a globally distributed network with millions of devices?

"The answer is you don't," Lewis continued. "But you can think about isolating certain domains or certain enterprises.

"Say a big power company gets infected," Lewis said. "You say to them 'Disconnect yourself before you infect other power companies.' It's like an avian flu quarantine for the Internet.

"It's not like Egypt where the dictator wakes up in a bad mood and does it," he said. "It would be a legitimate process. It would have to be the threshold of an act of war or a major terrorist event."

(c) 2011 AFP