Letting our lawmakers make laws about cybersecurity is probably a mistake

Letting our lawmakers make laws about cybersecurity is probably a mistake

Summary: We'll wind up with a law that substantially reduces our privacy, increases costs to most companies, does not protect us from cyberattacks, and doesn't get the job done.

TOPICS: Security

Yes, I am fully cognizant of the paradox of this article's headline. We in America are stuck with the problem that our laws, if not written by, are at least approved by...politicians. As a result, our laws often reflect political reality more than, say, real reality.

Take CISPA. No, please. Take it.

We've talked about CISPA before. We've talked about how important it is for America to have strong cybersecurity protection, but how we also need to protect the privacy of American citizens.

We've talked about how that's a fine line to walk.


So, CISPA has passed the House, but now the Senate is debating their own version of the cybersecurity bill.

See also: CISPA: more heinous than SOPA, and it just passed

Here's the thing. Debating doesn't really mean "debating". Debating means that one party demands one thing, the other party demands the other thing, lots of phone calls and texts go back and forth, deals are made that sell out one segment of the populace or the other, and eventually a bill gets passed that doesn't really help anyone.

Cybersecurity is on that fast track. Oh, joy.

Now, let's understand something. Cybersecurity is about protecting America and American interests from attacks over the digital battlespace. It's about making sure terrorists or nation states or criminal groups can't take down critical Web sites and critical infrastructure.

But our lawmakers are somehow missing that important point.

For example, instead of just sticking to cybersecurity in the cybersecurity bill, some Senators are tossing in the entire cyber sink. Some of the Senators working on the Senate's version of the cybersecurity bill want to add provisions that allow not just cyberthreat information, but online personal information to be used in ways that might violate American's rights -- just because it's online.

See also: Ben Franklin would say our online liberty is the same as liberty itself

Some of the senators want to remove provisions that set mandatory standards in the cybersecurity bill which are designed to protect critical infrastructure, because, they claim that "mandates" (to some politicians, anything that's mandatory is a "mandate") are bad.

In fact, former Presidential candidate John McCain said, "Unelected bureaucrats at the DHS [Department of Homeland Security] could ... divert resources from actual cybersecurity to compliance with government mandates."

Here's my problem with this, and let's be clear that whether the speaker were Democrat or Republican, I'd have a problem with it.

If you're going to pass a cybersecurity bill, I would think that protecting our critical infrastructure would be, how can I say this, central to the purpose of the bill. That's what the whole bill is supposed to be about.

And that's why I think it's a shame that our lawmakers are the ones making the laws. Because somewhere between the problem statement (i.e., protect America's critical infrastructure from cyberthreat) and the solution (i.e., stick in everything we need to pass the sucker and take out everything that might require hard work), we LOST THE POINT!

We're probably going to wind up with a law that substantially reduces our privacy, increases costs to most companies, does not protect us from cyberattacks, and doesn't get the job done.

In other words, it's business as usual. You know what that means for us, you and me, and all the other IT people who read ZDNet?

Same ol', same ol'. Use best practices, update your software, install firewalls and intrusion detection and prevention gear, try not to let personal USB devices inside the firewall, and keep doing the job IT managers have had to do for years.

No Washington cybersecurity bill is going to help. Really? Did you ever expect it would?

Topic: Security


David Gewirtz, Distinguished Lecturer at CBS Interactive, is an author, U.S. policy advisor, and computer scientist. He is featured in the History Channel special The President's Book of Secrets and is a member of the National Press Club.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Ugh!

    Many politicians cannot tell the difference between a JPEG and a mumbly-peg, hardware from software (they say, "I can feel it so it must be hardware!"), add you own to that list. Do not believe me then watch some of the Internet and security debates on TV or those posted on YouTube. If it was not so sad and scary it would be funny watching them on the floor of the House and Senate, in committee meetings shown on TV, and seeing them on talk shows displaying their ignorance and stupidity about the Internet.

    Many struggle using e-mail yet they want to write legislation about Internet security. This picture is all wrong.
  • But you're perfectly happy having this same group of

    people run your health care.
    • Good one, baggins_z; some people pick their fights,

      and then, when the issue is near and dear to their hearts, the government and legislators know best.
  • Yes, it's true...

    When your national legislators have been the butt of jokes as long as ours have, there is something [i]seriously[/i] wrong with the whole legislative process.

    Back in the days of Nixon, before he left office, our Congress actually seemed to be able to get things done, things that actually benefited the country. Now all we have is stalemate, gridlock, and political posturing mandated by ideological rigidity.

    Tea party, begone! Move On, get lost! I want to see adults populate the halls of Congress, not the present gang of bozos, with very few exceptions. I want to see pragmatists, not ideologues. I want to see politics become once again the "art of the possible." Right now, it's the art of the impossible.

    I wish I knew what it would take to make this happen. As it is, all I can do at this time is to try to find someone to vote for this fall who isn't in the pocket of one or the other partisan group. So far, my search isn't going very well.
    • At the risk of becoming flame bait...

      ...I'm going to inject religion into a discussion of politics.

      We have an awful lot of people in this country who live a selfish hedonistic lifestyle. As a libertarian I will not deny those people the right to live how they choose. However, as a Christian (no, it's not a contradiction!) I recognize that our society on a downward spiral that is going to get a lot worse before it gets better.

      The Founders recognized the importance of religion and morals in our society. In fact, they flatly stated that where the society loses their moral compass, they are unfit to govern themselves and need masters. If we want to remain free, we must also be moral.

      John Adams: "Our Constitution was made only for a moral and religious people. It is wholly inadequate to the government of any other."

      George Washington, from his farewell address: "Of all the dispositions and habits, which lead to political prosperity, Religion and Morality are indispensable supports. In vain would that man claim the tribute of Patriotism, who should labor to subvert these great pillars of human happiness, these firmest props of the duties of Men and Citizens. The mere Politician, equally with the pious man, ought to respect and to cherish them. A volume could not trace all their connexions with private and public felicity. Let it simply be asked, Where is the security for property, for reputation, for life, if the sense of religious obligation desert the oaths, which are the instruments of investigation in Courts of Justice? And let us with caution indulge the supposition, that morality can be maintained without religion. Whatever may be conceded to the influence of refined education on minds of peculiar structure, reason and experience both forbid us to expect, that national morality can prevail in exclusion of religious principle.It is substantially true, that virtue or morality is a necessary spring of popular government. The rule, indeed, extends with more or less force to every species of free government. Who, that is a sincere friend to it, can look with indifference upon attempts to shake the foundation of the fabric?"

      A true religious revival would repair most of our problems, legislative and otherwise.
      • Laughable

        The most ardent "religious" devotees in your country are often among the least moral.

        And you are conflating moral with religious.

        You are no different from the ignorant hordes in the middle east wanting to impose Sharia law on their whole countries.
      • Actually...

        @dimonic, the ones you refer to are included in my "selfish hedonistic" starting comment and are why my closing statement referred to a "true" religious revival (as opposed to what you've seen from the hypocrites). I'm talking about the ones who actually live the message of the Jewish Carpenter not those who use the name for whatever other reasons they have.

        I said nothing about imposing any morality by law, in fact I said quite the opposite. The point is that without the morality, the society ends up drifting to totalitarianism because the people cannot control their urges.
      • RE: A true religious revival would repair most of our problems

        [b]Ya, right!!!![/b]

        Substitute one of `control freaks` for another.

        I have had my share of 'bible thumping Christians' that would last several lifetimes.

        Some are so [i]narrow minded[/i], that their idea of 'what is acceptable' can be compared to the field of view offered by a 1/2 inch diameter pipe, versus looking at the open sky.
      • You people ARE NOT LISTENING

        And you accuse me of being what exactly, intolerant and narrow minded?

        Read what I said, not your preconcieved notion of what "religion and morality" means.
      • Washington was a Deist, you know.

        I'm totally in agreement with you that a moral compass is vitally necessary and often sadly lacking these days, in politics and most other endeavors. You pretty much lost me by subscribing to the notion that the only place to find such a compass is in religion. If all else fails, there is such a thing as enlightened self-interested and I think we could use a little more of that, too.

        Unfortunately, I'm finding it harder and harder to dismiss those who claim that something like one in 20 people is a diagnosable sociopath, and that this lends such people exactly the traits they need to thrive in endeavors such as business and politics. The state of affairs generally and the behavior of some public figures seems to support that hypothesis. If this is the case, no religious revival or moral renaissance is going to help; our fate is largely in the hands of those who truly possess no conscience and are incapable of feeling guilt, compassion or remorse. Scary stuff.

        To bring this back around to the topic, do you bring up the matter of selfish hedonism and morality in relation to the circumvention of intellectual property laws by individuals, the push for aggressive expansion of those laws by big media (leading to some of the privacy- and freedom-eroding excesses we see in these so-called cybersecurity bills,) or both? Or are you pursuing another line of thought entirely that's unclear to me?
      • @Ginevra, good questions.

        "You pretty much lost me by subscribing to the notion that the only place to find such a compass is in religion" - I didn't say that, George Washington did. If he was a deist as you said, even so he recognized the value of religion and morality and deeply linked the two together.

        If there's a sociopathic element to it where the worst element of society are naturally predisposed to become our leaders, we are indeed in bad shape. But a "moral and religious people" (again, John Adams' words, not mine) would recognize when these people are running for office and vote against them. The main problem now is that those of us who are not sociopaths have been idle for far too long and let the inmates completely overrun the asylum.

        I believe the lack of morality is at the root of both problems. The wanton violation of intellectual property rights, and the corporate greed that pushes for the ever-restrictive and privacy violating laws. Again, a "moral and religious" people would be less inclined to steal stuff in the first place, and would probably figure out how to make a decent profit in their business enterprises without being unreasonably expensive or restrictive.

        Suggested reading: The 5000 Year Leap
    • Congress reflects the people. If Congress is divided in

      ideological gridlock, it is because the American public is also locked in ideological gridlock. This will continue until one ideology or the other prevails.
      • Far too many people do not understand that, politics and free-thought,

        go hand-in-hand, and where politics allows for more than one set of opinions, gridlock is unavoidable, and, that's a good thing. Where politics is of the kind where only one train of thought is allowed, such as in communism, there really is no real body of legislators that represent the people. In totalitarian and authoritarian states, there won't be gridlock, since, there is but one set of rules, which come from the top, to all, including whatever farce claims to represent "the people".
      • Living in an illusion of what a one party state is about

        One party states have gridlock and tons of compromises. There are factions and internal battles all over the place.

        Even those parties in democracies dream of having absolute power, but it doesn't happen.

        In Australia, the Liberal-National Party coalition at one point a few years ago had a majority in both houses. You could hear the cheers when this situation came about as they thought that they would be able to legislate all the favoured party policies without hinderance.

        However, out of the woodwork, all the fringe elements in their own parties suddenly realised they held the balance of power and started to behave just like the former minor parties that held balance of power, and held up legislation to push their own agendas.

        The lesson is that one party is NOT one party, but just another bunch of people battling it out for power, forming factions and pushing their own agenda.

        It's just that like in multi-party systems, you don't see all that is going on under the surface. Unity is an illusion that any party wants us to believe, whether they are the only party or one in a so-called democracy.

        After all Gorbachov somehow came to power in the middle of Communist USSR, despite all the military macho posturing at the time.
      • Patanjali: You fail to understand the ideology of communism,

        and, though there may be internal conflicts and "family feuds", the one thing that doesn't change, is the general direction of the "one party rule" with communism.

        The other parts of your post are "duh!" moments. Yeah, even in countries where democracy is the form of government, and multiple parties at one time or another gain power, there will be those whose ambitions is to institute "one party rule". That's what the constitution is supposed to overcome, with elections and the electoral system, and the separation of powers. In a communist state, there aren't "free" and fair elections, and the party system is a farce, since, there can only be one party.
      • Diametric opposition

        Gridlock is inevitable when sides have mutually exclusive views. A number of voices have called for unity and compromise, but there are arguments where there is no "middle ground."

        If one side says we should step back from a cliff and the other side says we should run off the cliff, should we compromise and slowly walk off the cliff?
      • Extreme ideology can't prevail

        One ideology or the other will "prevail" by getting 61 filibuster-proof Senators, 218 Representatives, 5 Supreme Court justices, and a President all in cahoots, but unfortunately both ideologies currently in play are so extreme and so focused on defeat of the other that they don't care how severely they destroy the country in the process. Both extremes are so destructive to the country that as one side overpowers the other its destruction will be recognized and replaced by the other. Unfortunately, voices of reason have been stifled by the self-serving bribes of legislators and regulators by special interests and the misguided kapillions of dollars going to lie-spreading, dialogue-suppressing PACs.
    • It's so ironic that, those "tea party" people are the ones that are trying

      to save your azz from the political mistakes that the legislators and the president continue to make.

      Now, would you prefer the "occupy" movement to be the ones dictating to the legislators what kind of legislation they should be writing? You didn't mention the "occupy" movement, and why is that?
    • Campaign Finance reform

      You're correct. Both parties establish positions based on how much cash the individual raises for the party. This allows the party to enforce the do as we say or we'll run someone against you. Cash is not free speech it's to purchase goods and services. Fund raising removes the question of leadership or subject matter knowledge. Don't laugh too hard at that thought. I'd like the committee members to know something about or have a constituent interest in the subject; not I raised the most and this committee gives me the most visibility.

      As long as the party controls the money they control the politician. The politicians should respond to the nation, their district or state, the world, and then the party needs in that order. Notice reelection didn't make the list.
  • In the name of "Security".......

    If you put the words "security" or "protecting children" in any proposal, these jerks we call Representatives see a green flag to attach their own special interest garbage. At the very best you get a camel in place of a horse - at the worst you get some monstrous creation like "Homeland Security" and TSA. This system is just not capable of dealing with such complex issues, given the present political landscape.