On Tuesday, during the State of the Union address, Barack Obama announced he had signed an executive order pertaining to cyber security. It would allow federal agencies to share information with private industries about cyber-threats and attacks, along with activities of known criminals and cyber-terrorists. The reverse would also be allowed; private companies could provided information to federal agencies. This is nothing more than the Obama administration attempting to do an end around the Legislative Branch, but the only issue is his executive order is not law.
This executive order has been in the works for some time and was even spoken of openly by Department of Homeland Security Secretary Janet Napolitano last year as a means to go around Congress, the actual legislative body. When the cyber security bill suffered a massive defeat in November, but unknown to many Obama had signed a secret cyber security directive in mid-October.
The Washington Post reported on the directive:
Presidential Policy Directive 20 establishes a broad and strict set of standards to guide the operations of federal agencies in confronting threats in cyberspace, according to several U.S. officials who have seen the classified document and are not authorized to speak on the record. The president signed it in mid-October.
The new directive is the most extensive White House effort to date to wrestle with what constitutes an “offensive” and a “defensive” action in the rapidly evolving world of cyberwar and cyberterrorism, where an attack can be launched in milliseconds by unknown assailants utilizing a circuitous route. For the first time, the directive explicitly makes a distinction between network defense and cyber-operations to guide officials charged with making often-rapid decisions when confronted with threats.
The policy stated in the executive order is:
Repeated cyber intrusions into critical infrastructure demonstrate the need for improved cybersecurity. The cyber threat to critical infrastructure continues to grow and represents one of the most serious national security challenges we must confront. The national and economic security of the United States depends on the reliable functioning of the Nation's critical infrastructure in the face of such threats. It is the policy of the United States to enhance the security and resilience of the Nation's critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties. We can achieve these goals through a partnership with the owners and operators of critical infrastructure to improve cybersecurity information sharing and collaboratively develop and implement risk-based standards.
The executive order is massive in text and scope. Paul Rosenzweig and David Inserra at the Heritage Foundation wrote, "The EO uses a very broad definition of critical infrastructure, defining it as 'systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.'"
"Such a broad definition could be understood to include systems normally considered outside the cybersecurity conversation, such as agriculture," they continued. "While there is no way of knowing how far implementation will actually go, this broad definition is certainly concerning."
One has to consider the issue of the Federal government being in bed with businesses and sharing private information. It may seem like a positive thing, but then it is also an intrusion into a place government has no business.
Susan Posel reports,
Corporations can voluntarily apply for the DIB and purchase services on security for networks. Corporations who provide contact information for the federal government regarding DIB are AT&T and CenturyLink.
The sharing of information from the private sector to the federal government will exponentially increase under the guise of cybersecurity and protection of critical infrastructure.
Civil liberties are “protected” unless the federal government finds a necessity for information on US citizens. What is protected under civil liberties will be decided by the Chief Privacy Officer and the Officer for Civil Rights and Civil Liberties of DHS.
Posel went on to conclude,
"Operation Last Resort culminated in the hacking of the Department of Justice (DoJ) and the US Sentencing Commission (USSC); as well as the publication of information on the internet that was siphoned from the Federal Reserve Bank.
However, knowing that these groups are funded by the CIA and actually have members of the CIA in their group changes the meaning of these measures to eradicate them. They become a false flag operation that will only end in the restriction of American liberties.
Considering that the US government has been making ample attempts to control or shut down the internet, it appears the logical conclusion that these groups are working toward that end."
While many security experts rejoiced at the announcement of Obama's executive order and claimed it was a good thing, they should realize something: it is not law. It is an executive order and can only impact those under the executive branch. It cannot coerce private industry. It cannot be enforced. But it tells the world that Obama is serious enough to say he wants something done.
That doesn't mean legislation won't follow. Wayne Rash reports, "On the day after President Obama signed his executive order, a bipartisan bill known as H.R. 624 - The Cyber Intelligence Sharing and Protection Act of 2013 was introduced in the House of Representatives. If the name of this bill seems familiar, it should. It’s better known by its acronym CISPA and the bill is identical to the amended bill that failed previously in the Senate.
"But the bottom line on the executive order is that it doesn’t have the force of law," Rash added. "There’s nothing the order can do, for example, to prevent a piece of the national critical infrastructure such as a power plant from ignoring the best practices, blowing off the advice and leaving computers without protection of any kind. As you’ll remember, this has happened once and it’s certain to happen again."Don't forget to Like Freedom Outpost on Facebook, Google Plus, & Twitter. You can also get Freedom Outpost delivered to your Amazon Kindle device here.