Congressman Langevin Should Tell Us What He Means
Given its title, I had hoped for some blogworthy meat in Rep. James Langevin’s Sunday op-ed, “U.S. needs more control over Internet,” but having read the thing, I’d be hard pressed to describe what he’s proposing. The reader gets this at the beginning:
A NEWLY INTRODUCED Senate bill, the Cybersecurity Act of 2009, which would establish cyber security standards for both the government and the private sector, and create a national cyber security officer within the office of the president, is a notable development in our nation’s effort to craft a comprehensive national cyber security strategy.
And this in the middle:
True protection requires cyber resilience. But that can only be achieved through collective action and cooperation on a scale rarely witnessed before: a national effort involving business, government and society — similar to the way “Y2K” was approached, but designed for the long-haul not just one event. No single organization has the capacity to build this resilience. We need to work as a large and inclusive community across government, industry and non-profit organizations — a mega-community of sorts.
But what does this mean? And how can a “mega-community” help but be open to infiltration and attack?
The underlying question is, I suppose, why Mr. Langevin thought his essay worth writing in the first place. A quick review of the Cybersecurity Act text suggests that its main thrust is to create panels, programs, and centers — another bureaucracy — that will assess and address problems related to cybersecurity, not only for national security purposes, but also to protect intellectual property rights. That’s all fine, but is this what now constitutes “action afoot” in the federal government?
I’m afraid so. When we the voters are brought into the fold, the information is vague warnings and declarations of a need for collaboration and, of course, spending. Somehow, at the tail-end of the process, we seem always to be spending more of our money to finance somebody else’s investigation into methods of curtailing our freedom of motion and of information.
Aren’t there already agencies in the federal government tasked with ensuring our security? I’d suggest that we could add cybersecurity to their responsibilities and then require them to provide detailed explanations for why they need to reallocate or acquire additional funds to address specific problems. Instead, we get politicians who wish most to create the image that they are doing something — while pinning themselves to as few specific policies as possible — and an ultimately unaccountable bureaucracy that will never go away, even when the prefix “cyber-” is a quaint relic of the past.