The Cybersecurity Act of 2012 (CSA or CSA2012) seems to be on the fast track through the government these days. While many people are aware of its counterpart CISPA (Cyber Intelligence Sharing and Protection Act), fewer people seem to be aware of this particular iteration of the legislation.
Note: This is an article I wrote that was published elsewhere first. It has been republished here for archival purposes
The one thing to remember about the CSA is the fact that the legislation has received a number of amendments. A number of these amendments, as noted by the EFF affected consumer privacy in positive ways. Still, that left the controversial section Section 701 that could see some ISPs interpreting this as a call to ban proxy services like VPN or Tor.
so, where is the CSA now? It is apparently on a fast-track towards passage these days. A recent report from The Hill suggests that the legislation is moving ahead to debate in the US Senate:
The motion to proceed to the Cybersecurity Act was approved 84-11 after Senate Majority Leader Harry Reid (D-Nev.) agreed to an open amendment process.
The bipartisan Cybersecurity Act, S. 3414, aims to protect the nation from cyberattacks against critical infrastructure such as the electrical grid, banking systems, transportation networks and others.
President Obama said Thursday that he supports the revised version of the bill introduced by Lieberman, but noted it lacked “some of the key provisions of earlier bills.”
Some of those previous provisions was the subject of a previous article we published on the legislation. One of those previous provisions included covering potential future crimes not related to cybersecurity and sharing any of that data with whatever department authorities saw fit. You can very well imagine how scary the legislation was if that was just one of a handful of controversial provisions.
FDL is pointing to a related article on the New York Times that shows top military officials saying theres a mysterious rise in cybersecurity threats. Fortunately (and I say “fortunately” with a large amount of sarcasm), they have this piece of cybersecurity legislation known as the CSA2012 that will magically fix all the problems and stop all the threats to America in the digital environment.
It’s probably only predictable at this point that as the bill gets closer to final passage, the rhetoric of how much this legislation is magically needed will no doubt ramp up – especially if there are legitimate fears it might not pass (whether for an internal political reason or unforeseen delays that could push it all the way up to the election).
Still, are fears of cyberwar completely justified? While the government thinks so, a growing list of people are expressing their doubts. Back in May, a CIO article raised the possibility that this ramping up fear of cyberwar is merely a government cash grab (Hat tip /.). You can’t say there isn’t any money to be made in the midst of all of this potential need to upgrade infrastructure in the wake of such legislation. Framing the fears of cyberwar as little more than a cash grab isn’t really all that far-fetched. The big question is, at what expense? So far, the biggest risk is American’s losing the ability to obfuscate or hide their tracks online through proxy services.
Still, even if you think that tracking future crimes isn’t that big of a deal, just think about this: there are already people in Germany who think that if you don’t have a Facebook account, you could potentially be a mass murderer. I’ll let you use your imagination of what else officials can dream up as corporations line their pockets with money. Ultimately, if some of the scarier provisions did somehow make it through (beyond the banning of proxy services), the sky is the limit for the potential abuse that could follow.
Further Reading: Text of CSA2012
Drew Wilson on Twitter: @icecube85 and Google+.
