I've changed my mind. America must never allow an Internet "kill switch". Here's why.

Summary:America was founded on a system of checks and balances. Anything that provides this much power and explicitly removes the checks and balances can't be allowed to stand.

It's been an interesting week. For us here in America, and for most Internet users worldwide, we got to see -- from the outside -- what it looks like when a country drops offline.

It ain't pretty.

In fact, it's shockingly disturbing. It was Egypt, of course, that went dark for a week. That country, like many in the Middle East, is in turmoil for reasons far greater than Internet access.

But when Egypt went off the grid, we got to see just how much we -- and by "we," I mean the entire world -- rely on our ability to connect to the Internet.

The Internet "kill switch" bill

That brings me to what the press has been calling the Internet "kill switch". There's a bill that's working its way through the sausage factory we call the United States Congress. It's officially called the "Protecting Cyberspace as a National Asset Act".

The reason the press and bloggers have been calling this bill the "kill switch" bill is because one purpose of this bill is to give the President what would effectively be cyberspace war powers, and as the discussion goes, allow him (or her) to shut down America's Internet, completely.

As a cyberwarfare adviser, I was originally a proponent of the idea of complete shutdown in times of extreme attack. I felt it might be necessary to completely shut out the attackers, and by turning everything off, an attack that might be spreading through botnets could be cut off at the neck.

Don't get me wrong. Botnet-based attacks are absolutely terrifying, and in their worst case scenario, they could cause America grievous harm.

But I no longer believe that shutting everything off is a good idea. After watching what went on with Egypt and spending a week thinking about the issue from both a policy perspective as well as from the perspective of national defense, it's become clear that a "kill switch" that can just shut everything off is a bad, bad idea.

There are a few of you out there who are sure to call me a "flip-flopper" because I changed my mind, but I reject that characterization completely. One way a scientist learns is through observation. Those observations become data reintroduced into whatever scientific model is currently being considered. To not integrate observations into the model is to be doctrinal, not scientific. That's fundamentalist -- as well as impractical.

I changed my mind because I got more information and, after integrating that information, came up with new conclusions based on more comprehensive data. That's not flip-flopping. That's thinking.

Why a "kill switch" is a bad idea

First, many of us would be completely cut off from the rest of the nation and from our families. More and more Americans communicate via the Internet and no longer use old-fashioned hard-wired phone lines. Many of us are mobile users or VoIP users, and all would be shut off.

More to the point, many online first responders would be cut off as well. It'd be as if we locked all our Marines inside a panic room. They wouldn't do us much good cut off from the battle. The same is true of our first responders in cyberspace. If we shut off the Internet, we'd lose many of the network engineers we'll need to fight back.

If we completely shut down the Internet, we also wouldn't be able to install patches and fixes, or distribute them across the country. Many of us work remotely from the servers we manage and even our secure VPNs would be shut down, locking us out of the servers we'd need to protect, repair, or decontaminate.

If we completely shut down the Internet, our system engineers, computer scientists, and security officials would not be able to collaborate -- even on secured connections -- to fight back or recover from an attack.

Once the Internet was shut down, switching everything on at once could well be far worse than the original attack. If all our systems came back online at once, the loads on all our networks and systems would be tremendous, we'd allow in floods of new attacks, and the aftershocks could be far worse than the original attack we were defending against.

As valid as all those arguments are, there's one more reason why a nationwide "kill switch" is a very bad idea.

It's this: the Internet kill switch mechanism itself would have to be coordinated, integrated, and linked. That, alone, introduces a critical new highly-vulnerable failure point that could be targeted by attackers and terrorists.

So, now that we're agreed that implementing a nationwide Internet "kill switch" is a bad idea, what about the "Protecting Cyberspace as a National Asset Act"?

Next: The good, bad, and creepy »

« Previous: Why the kill switch is a bad idea

Is the bill a bad thing?

Since the Protecting Cyberspace Act is the Internet "kill switch" bill, shouldn't it, itself, be killed?

The answer isn't as cut and dried as you might think. See, here's the thing. The Protecting Cyberspace Act doesn't exactly provide the President with a "kill switch".

In fact, a lot of what the bill provides for are a very good ideas. The bill sets out the concept that cyberspace is a strategic asset for the United States and needs to be protected like any other strategic asset. This is good.

The bill also acknowledges that we're likely to come under severe attack and need to have a way to respond. We also need to have a single point of authority to make sure we respond in a coordinated way, instead of having all of America's security forces working at cross-purposes. That single point of authority is the President. This makes sense.

Where some people get nervous is that the bill allows the President, in extreme circumstances, to jump in and take action, and possibly take control of private assets.

Say, for example, that a massive attack is coming through Verizon's network and Verizon isn't responding. Maybe the company is overwhelmed or maybe it doesn't see it as a high priority -- or maybe the company simply doesn't want to incur the expense of paying all its engineers to work massive overtime.

To be fair, this isn't the best example, because my experience has been that Verizon takes cyberthreats extremely seriously and is fully prepared to do battle. But let's just use this example anyway.

What the bill would allow the President to do would be to take action if Verizon wasn't willing to do so. Most likely, that would involve sending in technical experts to help resolve the problem. It might involve sending in the Army Corps of Engineers to build out emergency infrastructure. Or -- and here's where it gets a little scary -- it might allow them to shut down a server or portion of a network if it's been unacceptably compromised.

This, too, is good. If America is attacked, we need to be able to respond. If we're attacked online, it's good to know that our commercial vendors would be backed up by government resources.

Go ahead and criticize Congress all you want. But don't bitch about government competence in cybersecurity. I've met and worked with a large number of U.S. government cybersecurity experts, both in the FBI and other agencies -- and these folks are among the smartest dudes I've ever encountered. They give the best of the best at Google or Microsoft a run for their money.

Anyway, let's get back to this bill. The bill -- as it stands now -- is written in such a way as to limit powers and to restrict when they can be used. Much of the bill is actually quite good.

The creepy Big Brother part

Much of it is good, but not all. There's a very weird clause in Section 254(c), Part 4 called Final Appeal. This section is the section where commercial vendors get to argue the government's decision -- both in terms of remuneration of expenses and actions to be taken.

This section has the following sentence, and it's a doozy: "A final decision in any appeal under this subsection shall be a final agency action that shall not be subject to judicial review."

Shall. Not. Be. Subject. To. Judicial. Review. That ain't good. Nope, not at all. Everything should be subject to judicial review.

The problem isn't that the bill grants exceptional powers to the President. That's why we have a President.

The problem isn't that the bill allows the government to intercede in the middle of a cyberbattle. National defense is one of the main reasons we want and need government.

No, the problem is that the bill allows for exceptional powers and government intervention -- and then explicitly prevents judicial review.

That's where it starts to get downright creepy.

So let's wrap this up.

The idea of an overall "kill switch" is bad because a centrally-coordinated "kill switch" could increase vulnerability and turning everything off would prevent us from developing a coordinated response.

Much of what's in the "Protecting Cyberspace as a National Asset Act" is actually a good idea and can help protect our national interests.

But, when judicial review is thrown out the window in this bill, then the whole thing becomes suspect. I have to recommend it go back to committee and that clause (and anything remotely like it) be removed.

America was founded on a system of checks and balances. Anything that provides this much power and explicitly removes the checks and balances can't be allowed to stand.

Topics: Security, Browser

About

In addition to hosting the ZDNet Government and ZDNet DIY-IT blogs, CBS Interactive's Distinguished Lecturer David Gewirtz is an author, U.S. policy advisor and computer scientist. He is featured in The History Channel special The President's Book of Secrets, is one of America's foremost cyber-security experts, and is a top expert on savi... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.