Back to News & Commentary

Happy Cybersecurity Awareness Month!

Michelle Richardson,
Legislative Counsel, ACLU Washington Legislative Office
Share This Page
October 6, 2011

Happy Cybersecurity Awareness Month! Yes, this is a real thing, but don’t worry if you haven’t sent cards celebrating the holiday to friends. The government uses this month to educate citizens and companies about how to protect themselves online throughout the month of October. We, however, would like to educate you about how cybersecurity may justify the next series of big brother powers. Congress and the administration are proposing extraordinary new programs that may infringe on your First and Fourth Amendment rights if they are not carefully drawn, including a broad exemption to all of our privacy laws.

The Senate proposed ‘kill switch’ would give the President undefined authority to cut off or limit access to the internet in case of national security threat or emergency. The administration’s position on this contains both good news and bad news. The good: they don’t want a new ‘kill switch.’ The bad: they believe they already have sufficient powers to respond to a dire threat, including a 6 decades-old kill switch that was created after Pearl Harbor to interfere with phone and radio communications. Of course, there is no public explanation of what the administration believes their current authority is — and Congress has been asking for it for over a year. That’s why we filed a FOIA – to dislodge this information. The public and Congress deserve to know what powers the executive branch believes it has to shut down or limit access to the internet.

The second problem is with the White House’s legislative proposal for increased ‘information sharing.’ Well, this sure sounds innocuous. Who doesn’t want more information?! This is the information age, people. However, this provision allows companies who hold your private information to share it with the Department of Homeland Security (DHS) for “cybersecurity purposes,” which is broadly defined to include fighting all sorts of bad internet behavior. The companies would get to decide whether they should keep your identity and personal information private when they turn the data over to DHS. Of course, they will get immunity for making a ‘good faith’ effort at following the law — which ultimately means that if they foul up, you as a consumer won’t be able to hold them accountable in court. And to be clear, this provision is written as an exemption to all privacy laws — so that gun records, medical records, census data and more can be given to DHS in addition to your internet information. Because there is a dearth of information on what current information sharing practices are, we’ve filed a FOIA for that guidance too.

Congress may vote on these or similar proposals as early as this fall. Senate Majority Leader Reid has organized multi-committee, bipartisan task forces to discuss how to meld the main Senate bill authorized by Senators Lieberman, Collins, and-Carper and White House proposals, and House Speaker Boehner appointed Republican members of the committees of jurisdiction to investigate and report back to him with recommendations this month. How far they get and how fast remains to be seen, but get ready, and check back here for more in-depth analysis and actions you can take to protect your privacy and freedom to communicate.

Learn more about cybersecurity: Sign up for breaking news alerts, follow us on Twitter, and like us on Facebook.

Learn More About the Issues on This Page