Another attempt at a cyber security bill is on the horizon with H.R. 234, introduced by Rep. C. A. Dutch Ruppersberger of Maryland. Given the past breaches of security in our country's history, allowing an unprepared government to have control over all of our infrastructure’s technological information is not only unwise, but also simply stupid.
Cyber security is a relatively new area that is receiving political attention. For us, it refers to the security of information stored in data of corporations and companies that are operating in the United States. Securing this data includes preventing cyber crimes and cyber threats. One example of a breach of cyber security is the infamous Sony hack in November of 2014.
Representatives and activists alike called for regulations and safeguards to be put in place so that the security of American companies would be protected against internal and external threats. The government’s response was the introduction of H.R. 3523 in 2011. This was quickly shut down and then followed by H.R. 624 in 2013, which also failed to gain traction. Although there have already been two almost identical bills that were defeated before reaching the senate, Rep. Ruppersberger seems to think that the third time is the charm.
The reason for the past two bills' failures lies in the ambiguity of what constitutes a cyber crime or threat. Here’s how the failed bills and current bill both work: Corporations and companies in the U.S. enter a contract with the federal government for cyber security protection. The federal government is then able to send any piece of data relative to "cyber crimes and threats" to the Department of Homeland Security and the Department of Justice, respectively. If the information is found to be impractical, it can be repurposed and evaluated for other breaches of security.
If H.R. 234 passes, every single American would be subject to cyber monitoring, via personal identifying information lying in the data banks of major corporations in the U.S., without being any the wiser. With this information, the government would be able to identify any individual linked to any type of cyber crime or cyber threat, using only the ambiguous definitions in current existence.
With the vagueness of protocol found in H.R. 234, our government would be able to create a virtual surveillance state, constantly monitoring technological data banks for any action that they feel constitutes a cyber threat. This ability, as Ron Paul so aptly stated, is "Big Brother writ large."
In the spring of 2015, we learned of hackings that had taken place in the databases of the State Department, the White House and the NSA. The hackers of the NSA did so with only $104 in eight hours.
Before companies start handing over information pertaining to themselves and millions of Americans, the question of if the United States government is equipped enough to protect that information while simultaneously using it for crime prevention needs to be answered.
Right now, that answer is clearly no.