What does a President do when Congress won’t enact legislation he likes? What can he do when the American people hate legislation he wants to see in place? The answer, my friend, is this: When all else fails, issue an Executive Order. Presto-chango, we have a new law without all the fuss and muss of democracy. Obama has issued executive orders sanctioning entire countries. He likes executive orders. He likes secrecy, too; so much so that one of his executive orders never made it to the Executive Orders section of the White House website, but was hidden within a news release, in the Press Releases section. See: http://www.whitehouse.gov/the-press-office/2012/07/31/executive-order-authorizing-additional-sanctions-respect-iran
He likes secrecy so much, his trade negotiator has been authorized to negotiate a trade agreement that will forever alter the idea of the sovereignty of nations. [see: http://teri.nicedriving.org/2012/06/the-trans-pacific-partnership-tpp/ ]
He also likes the idea of cyber security and, daggone it, Congress is not getting the freaking job done. I wrote about the train of cyber security bills working its way through Congress in the following excerpt from an April post:
By the way, Obama is proving himself to be the original three-card monte man. (“Find the lady in red, cherchez la femme rouge, that’s all you have to do. Up and down, all around, in and out, all about, to and fro, watch ‘em go, now they’re back, they’re side by side, so tell me, dollface, where’s she hide?” – from dialogue in “Hearts in Atlantis” by Stephen King.)
As everyone watches for the fate of the cybersecurity bill called CISPA, which has passed the House under threat of Obama veto, there are three other cybersecurity bills quickly lining up behind it. Obama said he would veto CISPA because it invades our privacy. The bill that he prefers and is pushing hard for is the Senate version, the Leiberman-Collins bill called The Cybersecurity Act of 2012 (S. 2105). Yet, while CISPA suggests cyber data and social network companies should share information with the government, the Leiberman-Collins bill requires that cyber data and social network companies share information with the government under the aegis of Homeland Security (i.e.; all meta-data in the country would be required to go to Homeland Security). Obama likes this one so much, he had Janet Nepolitano stage a special mock cyber attack to scare the shit out of invited senators. (No) Surprise! It worked. But then, these guys have been perpetually cowering and wetting themselves since 9/11.
About Obama’s preferred plan, the Lieberman-Collins bill (The Cybersecurity Act of 2012) and John McCain’s bill (the SECURE IT Act; and wait until you see what those letters stand for. He wanted to call it the SECURITIZE THE INTERNET ACT, but couldn’t think of enough words and didn’t know hardly any z-words at all):
[Outside article excerpt] The director of the National Security Agency (NSA) endorsed Senate legislation that would place the Department of Homeland Security (DHS) in charge of setting cybersecurity standards for private industry during a hearing of the Senate Armed Services Committee Tuesday.
Army Gen. Keith Alexander, NSA director, told the panel that it was appropriate that his agency and US Cyber Command, the organization at the Department of Defense (DoD) in charge of organizing cyberdefenses, maintain an outward-facing stance for combating foreign threats while DHS works internally to collaborate with private companies to set cybersecurity objectives….
Alexander further called for liability protections for companies to share information with NSA and DHS, providing them with the intelligence they require to fight cyberattacks… NSA can best assist the private sector by providing its capabilities and technical expertise to DHS, Alexander said.
He stated, “I think the lead for working with critical infrastructure and helping them defend and prepare their networks should lie with DHS.”
As such, Alexander embraced the Cybersecurity Act of 2012 (S. 2105), introduced by Sens. Joseph Lieberman (I-Conn.), Susan Collins (R-Maine), Jay Rockefeller (D-WV) and Dianne Feinstein (D-Calif.). That legislation would empower DHS to produce a regulation that requires private companies owning designated critical infrastructure to certify their cybersecurity capabilities rise to an appropriate level.
The general’s comments drew a sharp rebuke from Sen. John McCain (R-Ariz.), who has introduced competing legislation known as the Strengthening and Enhancing Cybersecurity by Using Research, Education, Information and Technology (SECURE IT) Act of 2012 (S. 2151). The SECURE IT Act would not provide any additional authorities to DHS or NSA but it would provide liability protections for the private sector to share cyberthreat information through established channels and the Department of Commerce…
Alexander disagreed, noting that DHS should take the lead domestically on building national resilience and working with civilian agencies while DoD takes on foreign cyberthreats. Along with the FBI, the agencies would then work in concert, as “cyber is a team sport,” Alexander said…
[Outside article excerpt]….A CDT analysis found both bills have broadly written provisions that would:
• Share private communications with the National Security Agency and other federal entities, or with any other federal agency designated by the Department of Homeland Security.
• Monitor private communications passing over the networks of companies and Internet service providers.
• Employ countermeasures against Internet traffic.
In an effort to smooth passage, one provision has already been removed from the Lieberman-Collins bill that critics claimed would have given the president a “kill switch” to essentially turn off the Internet.
Meanwhile, Senator McCain’s competing bill would not offer new regulations, but instead promote information sharing with the government by providing immunity protection from lawsuits, among other things.
There have been rumors floating around for a couple of months that Obama will handle the internet security issue via executive order. Now a reporter at the Federal News Radio claims that his news organization has seen a draft of the proposed executive order. Furthermore, the fact that a White House spokesperson was willing to go on record with the statement that the WH was considering an executive order on the matter is indicative that such an order will likely be forthcoming. When the ACLU and various other watchdog groups warned about CISPA, the Lieberman-Collins bill, etc., they suggested we send letters to our Congresspersons voicing our concerns. I am not sure how effective a petition or letter is when the legislation you don’t want to see enacted is being written and passed by the
King President alone. Just how seriously he takes “the people” is pretty well indicated by the fact that he is considering issuing an executive order on this in the first place. And let’s get real – this is the same guy who claims the right to kill whomever he chooses anywhere in the world.
With Congress still unable to iron out a cyber-security bill that both sides of the Legislative Branch can get behind, the White House has drafted an Executive Order that they will roll out if efforts on Capitol Hill remain unproductive.
Despite repeated pleas from lawmakers and other federal officials to have a cybersecurity legislation adopted by the United States government, members of the House and Senate have been unwilling to compromise on a bill. With every attempt at passing cybersecurity legislation ending with roadblocks, the White House has now announced that it is considering taking measures into their own hands.
White House spokeswoman Caitlin Hayden tells the Washington Post that “an Executive Order is among the things we’re considering to fulfill the president’s direction to us to do absolutely everything we can to better protect our nation against today’s cyberthreats,” though has not confirmed how far along the White House is with efforts to enact such an order.
It has been rumored since the congressional stalemate was first reported earlier this year that the White House may bypass Capitol Hill and create legislation on their own, especially after the Obama administration’s cybersecurity coordinator, Howard A. Schmidt, resigned from his post in May. Schmidt had been perhaps the administration’s most adamant opponent of the House of Representatives-approved Cyber Intelligence Sharing and Protection Act, or CISPA, and was said by many to be the key White House staffer siding against the bill. Now with Schmidt out of the White House and lawmakers on both sides of the aisle still asking for a CISPA-like bill to be approved into law, US President Barack Obama may sign an order that’ll ensure that America’s computer infrastructure is safe guarded under a new directive immediately.
Federal News Radio reporter Jason Miller says his outlet has seen a draft of the order and compares it heavily with the comprehensive cyber legislation introduced by Sens. Joseph Lieberman (I-Conn.) and Susan Collins (R- Maine) this past July that has been unable to clear the Senate. If the copy Federal News claims to have seen is adopted, Miller writes that it will required the US Department of Homeland Security to establish a cybersecurity council within 90 days that will “develop a report to determine which agencies should regulate which parts of the critical infrastructure.”
The Post adds that the council will consist of representatives from the Commerce, Defense, Treasury, Energy and Justice departments, as well as another from the Director of National Intelligence’s Office.
Miller also adds that the order, in its latest incarnation, would include information-sharing provisions similar to what was included in CISPA, but would not, however, necessarily reward private sector corporations with incentives for openly sharing intelligence with the government.
“Sources say it doesn’t advocate for rewards or more tangible incentives such as liability protection like the Lieberman-Collins bill does,” Miller adds.
Sen. Ron Wyden (D-Oregon), one of the most outspoken opponents of CISPA, said that the House’s original attempt at cybersecurity legislation paved the way for some serious problems because of those protections. Back in May, Sen. Wyden said, “Our job is to write a cyber-security bill that protects Americans’ security and their fundamental right to privacy,” but argued that all attempts had been misguided.
“I believe these bills will encourage the development of a cyber-security industry that profits from fear and whose currency is Americans private data” he said. “These bills create a Cyber Industrial Complex that has an interest in preserving the problem to which it is the solution.”
Update, Thursday, 13 Sept.
It looks as though there will indeed be an executive order forthcoming. Note particularly this sentence, which indicates that the order can be added to later on based on recommendations from staffers: “More so, however,the executive order appears to lay down the groundwork for federal staffers assigned to a committee established under the directive to design further cybersecurity acts once the order is signed.” From the wording, it can be assumed that any later additions to the order are likewise not expected to need Congressional approval.
This is from the AP, via RT, which has seen a draft of the order:
White House leaks draft of CISPA-like cybersecurity executive order
Published: 12 September, 2012, 21:21 Edited: 12 September, 2012, 21:21
The White House has leaked further details on a planned executive order that lets US President Barack Obama lay out blueprints for a program tasked with protecting America’s computer infrastructure following Congress’ failure to do so themselves.
The Associated Press has obtained a draft of what they describe as the cybersecurity executive order that has long been rumored as on the way but only recently confirmed by White House insiders. Last week, officials within the Obama administration acknowledged that the president was planning to release a directive to expedite protection of America’s cyber infrastructure, and now the AP says they have come into possession with a copy of it.
Among the AP’s claims, the executive order will establish a critical infrastructure cybersecurity council manned by the US Department of Homeland Security that will be staffed by members of the departments of defense, justice and commerce, and national intelligence office, who “would submit a report to the president to assess threats, vulnerabilities and consequences for all critical infrastructure sectors.”
The AP says the draft outlines rules for federal agencies to propose new regulations or broaden existing ones and includes other provisions involving the sharing of data between private corporations and the federal government.
The White House has not announced when the president will authorize the executive order, but its mere existence is all but certain to be a response to the Legislative Branch’s inability to compromise on a cybersecurity bill between members of both the House of Representatives and the Senate. Lawmakers in the House were able to largely agree on one such bill this year, the Cyber Intelligence Sharing and Protection Act, or CISPA, but efforts on the part of the Senate to draft a similar bill on their own end were futile, leaving Washington essentially deadlocked on the issue, much to the chagrin of those they have made hawkish calls for an immediate and extensive law.
Had CISPA been signed into law, it would have offered incentives to private companies who shared personal user info submitted online with the US government under the guise of being a necessity for national security. The White House released a statement of administrative policy in response back in April condemning CISPA on the basis that it failed “to provide authorities to ensure that the nation’s core critical infrastructure is protected while repealing important provisions of electronic surveillance law without instituting corresponding privacy, confidentiality and civil liberties safeguards.”
“Moreover, information sharing, while an essential component of comprehensive legislation, is not alone enough to protect the nation’s core critical infrastructure from cyber threats,” the White House originally wrote.
The Obama administration said earlier this year that president would veto CISPA if a copy of the bill made its way to the oval office, but skeptics have been unsure of Mr. Obama’s take as of late, specifically after cybersecurity coordinator Howard A. Schmidt left his position within the administration in May. Now the White House has revealed their own plans for a cybersecurity bill that, while largely different from CISPA in some aspects, certainly borrows from some parts of that bill.
The AP reports that third-party companies will not necessarily be bound to sharing intelligence with the government in exchange for certain incentives, although they will be able to voluntarily provide information. Federal News Radio reporter Jason Miller claims to have seen excerpts from the executive order last week and described it more closely related to the comprehensive cyber legislation introduced by Sens. Joseph Lieberman (I-Conn.) and Susan Collins (R- Maine) than CISPA, but added, “Sources say it doesn’t advocate for rewards or more tangible incentives such as liability protection like the Lieberman-Collins bill does.”
More so, however, the executive order appears to lay down the groundwork for federal staffers assigned to a committee established under the directive to design further cybersecurity acts once the order is signed.
“The private sector would collaborate with the cybersecurity council and also cooperate with NIST in the development of cybersecurity guidance,” the AP describes the order, while also seeking “better digital defenses for critical infrastructure while encouraging economic prosperity and promoting privacy and civil liberties.”
White House spokeswoman Caitlin Hayden told the Washington Post last week, “an Executive Order is among the things we’re considering to fulfill the president’s direction to us to do absolutely everything we can to better protect our nation against today’s cyberthreats.”