In the last couple of days, a number of blogs and stories have popped up questioning whether the Senate cybersecurity legislation to be introduced next week incorporates the ill-fated SOPA/PIPA legislation or is somehow going to harm the Internet as many claimed SOPA/PIPA would.
Now, I have reviewed the drafts of the cybersecurity bill. I know a bit about cybersecurity. Cybersecurity has been a friend of mine. And, quite simply, the proposed cybersecurity legislation is no SOPA/PIPA.
The proposed cybersecurity legislation, at least the drafts that have circulated, address a serious problem: the vulnerability of the networks and computers that run our lives. It provides for the development of a cybersecurity workforce, research and development, and assuring that individuals are trained about proper cybersecurity practices. The bill also fixes the Federal Information Systems Management Act (FISMA), which dictates how the government protects its own systems. Some versions also address how critical infrastructure (e.g. the electric grid, nuclear plants, telecommunications networks, etc.) providers protect their systems and how information is shared across sectors and between the government and the private sector. It addresses cybercrime penalties.
Essentially, in concept, the bill aims to protect us from bad actors. It continues to be tweaked to address issues raised by the private sector and privacy groups but that is a normal legislative process to reach consensus. The SOPA/PIPA debate was an industry-vs-industry fight that evolved into the content and Silicon Valley industries trying to preserve their vision of the future of technology and intellectual property.
There is no industry-vs-industry fight here. The government has been struggling to counter cyber threats for decades. For almost as long, we’ve heard of the struggle to secure critical infrastructure, 85 percent of which is owned by the private sector. The fight here is not tech versus traditional but us versus the hackers, foreign nations, and rogue actors who could destroy the very technology that enables so much in our lives.
I understand the fear among some lawmakers about tackling another “SOPA/PIPA” after the grassroots efforts to sideline those bills. But SOPA/PIPA, for the good of the nation, should not be equated with all tech issues. The word “Internet legislation” should neither be a bad nor forbidden phrase. Smart legislating that assures that innovation and the Internet thrive while also protecting the security of both should be our goal.
Quite simply, let’s not fall into a trap that equates cybersecurity with SOPA/PIPA. It doesn’t serve our computer networks or our nation’s security well.