The White House guidance says nothing about presidential powers during an emergency, including whether the president has the right to segregate parts of the private cyberinfastructure if he feels they pose a significant danger during an emergency situation. Congress wants the president to have this authority but also wants to circumscribe it and force the president to report triggering what detractors call an "Internet kill switch."
Two weeks ago, the White House rolled out its National Strategy for Trusted Identities in Cyberspace, which aims to speed to market secure means to buy, sell, trade, and participate on social networks in ways that are protected from outside intrusion. But its Office of Cyber Policy has been relatively otherwise, with director Howard Schmidt playing a behind-the-scenes role coordinating the scaling up of efforts to secure the .gov and .mil domains, as well as boosting the federal government’s interaction with the private sector. He meets weekly with counterparts across the government, holding what one official called “deconflicting” sessions. The new military Cyber Command is still in the build-up phase, but defense and intelligence cyberactivities are being better coordinated, officials said.
The White House says it has completed all 10 "near-term" actions recommended by its own cyberpolicy review, which was released in June 2009. That includes the standing up of a cybersecurity policy office, the appointment of a civil liberties and privacy official, the creation of a national public awareness campaign about cybersecurity, and the development of a process to create interntional legal standards for cyberengagement. The Department of Homeland Security has created a cybersecurity incident response plan, though its mechanisms are not at capacity. It has been tested via exercises.
Last summer, Senate Majority Leader Harry Reid, D-Nev., told the White House he would work to bridge the differences within his chamber and send a bill to the White House before the end of the year, but that was delayed by the midterm elections. Cyber legislation was then knocked down a few rungs because of the high-profile budget fight in Congress. But now, House Republicans have appointed staff to the key committees and informal meetings are restarting.
Both the bipartisan 2012 intelligence authorization and House Armed Services Chairman Buck McKeon’s chairman’s mark of the defense authorization bill urge the White House to clarify how the U.S. military can use cyberwarfare. McKeon wants the Defense secretary given explicit authority to approve all such operations, even though they are conducted at the behest of intelligence agencies. The intelligence committees are keen to delegate that authority, arguing that cyberoperations are part of the toolkit that the community can use when the president authorizes covert action in a particular country. The Judiciary Committee remains concerned about the extent to which the National Security Agency and the Homeland Security Department cooperate to protect civilian, military, and government domains.
Want the news first every morning? Sign up for National Journal’s Need-to-Know Memo. Short items to prepare you for the day.