The Cybersecurity Act of 2009

There are some issues, but all is not horrible. Check out the pdf to bring yourself up to speed on what's coming.

Basically, Section 14 is potentially unconstitutional based on the 4th amendment. See the text beginning on page 38 of the document I've linked above:

(a) DESIGNATION.—The Department of Commerce
shall serve as the clearinghouse of cybersecurity threat
and vulnerability information to Federal government and
private sector owned critical infrastructure information
systems and networks.
(b) FUNCTIONS.—The Secretary of Commerce—
(1) shall have access to all relevant data con-
cerning such networks without regard to any provi-
sion of law, regulation, rule, or policy restricting
such access;

The emphasis above is mine. First of all, the government having unfettered access to private sector ANYTHING is highly problematic. Secondly, why on earth would they need access to the data concerning these networks? Access to any private data requires a warrant. Enough is enough with the OMGEMERGENCY policy.

I see where banks have taken TARP money from the government are now unable to get them out of the banks even by paying the money back. And now with the forced management change at GM, here is another timely piece:

SEC. 18. CYBERSECURITY RESPONSIBILITIES AND AUTHOR-
ITY.
The President—
(1) within 1 year after the date of enactment
of this Act, shall develop and implement a com-
prehensive national cybersecurity strategy, which
shall include—
(A) a long-term vision of the nation’s cy-
bersecurity future; and
(B) a plan that encompasses all aspects of
national security, including the participation of
the private sector, including critical infrastruc-
ture operators and managers;
(2) may declare a cybersecurity emergency and
order the limitation or shutdown of Internet traffic
to and from any compromised Federal government
or United States critical infrastructure information
system or network;
[snip]
(6) may order the disconnection of any Federal
government or United States critical infrastructure
information systems or networks in the interest of
national security;

I do not trust anyone in government with this level of power. At this point I wonder if this could even be enforced? Could the President order the disconnection of private networks if they are deemed "critical infrastructure?" What is the penalty if someone says "NO" or simply provides a way around these controls? We already know how well the DMCA has been working for our best interest...

Here's hoping there will be loads of negotiation over this and the bill will be corrected as it must be.