Fiat, It’s What’s For Dinner

Disclaimer: this post is not about a political party but about something much bigger.

It seems the White House is not satisfied with the defeat of SOPA and PIPA:

There Is No Need For A Cybersecurity Executive Order

Since the collapse of the Congressional attempt to pass the Cybersecurity Act of 2012 there has been mounting pressure for the Obama Administration to “do something”, that something being the imposition of a regulatory regime to protect critical infrastructure. But the Cybersecurity Act of 2012 failed because it was fatally flawed.

On Friday, Federal News Radio reported that they had obtained a copy of a proposed Executive Order that would attempt, through executive fiat – as Steve Bucci at the Heritage Foundation terms it– to impose most of the measures called for by Senators Lieberman and Collins.

Bucci raises an important point:

“[Regulation] is exactly the wrong approach for dealing with a fast-moving and incredibly dynamic field like cybersecurity. Give hackers—whether working for themselves or for another nation-state—a static standard, and they will waltz around it and have their way with the target entity.”

Congress has gone through several dozen cybersecurity bills in the last three years, not to mention the failed attempt to pass a data breach law which dates back to 2005. Even as they revise and re-write, there have been dramatic changes in the defensive posture of our critical infrastructure providers. Effective changes.

Let’s look at the proposed Executive Order as revealed by Federal news Radio. There are ten sections of the draft. Most of them call for nebulous voluntary information sharing or requirements that DHS create frameworks within three months. I can just see the scramble that will occur, and the watered down frameworks that will result, after multiple extensions to the due date are granted.

Read the rest here

I have many thoughts about this issue. I’ll spare you most of them. But I will say that it’s interesting how there is no hue and cry from the mainstream press over this potentially far reaching access to private information, and especially when I consider the righteous indignation exhibited when the Bush administration obtained phone records without a narrowly defined court order.

And for the record (again), I have not been a fan of the Homeland Security Act from its beginning. Sadly, Homeland will probably surf my site since I’ve said this, and it wouldn’t be the first time. Shaking my head as I write this because I know others who have experienced the same but feel skittish to talk about it. What the hell is our country coming to?