February 5, 2012 | Commentary on Cyber Security, National Security and Defense

Cyber Storm Warnings in Congress

Worried about defending the Internet? Blame Timothy Berners-Lee. He made it worth defending.

In 1989, the journeyman consultant and software engineer submitted a proposal to CERN, the European particle physics laboratory in Geneva, Switzerland.

It envisioned a decentralized network that would link different computers, even ones using different software, to find and share information no matter where they were -- via the Internet.

Berners-Lee drafted the Hypertext Transfer Protocol (HTTP) software that would allow computers to communicate hypertext documents via the Internet.

Words or images in a file could be coded with a link, hypertext that would connect to other data in the file or via the Internet to another file located somewhere else on the Internet. Researchers would no longer be limited to a single linear path to retrieve data.

In addition to HTTP, Berners-Lee proposed a system for finding documents online. Each document, he suggested, would be assigned a unique address called a Universal Resource Identifier (which later became called a Uniform Resource Locator -- a URL).

Everything we enjoy on the Internet today from PayPal to Facebook is built on Berners-Lee's innovation to make exchanging information with computers more "user" friendly.

But his creation was akin to the discovery of the New World. Now there was something new that was valuable. It had to be protected. Berners-Lee had brought forth a blessing ... and a new security problem.

The Founding Fathers never envisioned that Twitter would one day supplant the Federalist Papers. But when they tasked government, in the Constitution, with "providing for the common defense," they most certainly meant the defense of all the resources common to a sovereign people. Today, that task includes defending our access to cyberspace.

Washington has been slow to fulfill its appropriate role with protecting the freedom of the commons in cyberspace. Congress has been the worst offender -- and in scrambling to catch up, the Hill has demonstrated how poorly prepared it is for the task.

The most recent debacle over the Stop Online Piracy Act, or SOPA, is a case in point. Lawmakers rushed lemming-like to "do something" to protect intellectual property on the Internet.

In their haste, they cooked up a legislative solution that would have actually made safeguarding copyrights worse.

The Internet Engineering Task Force, a group that works with governments and the private sector, has proposed a suite of add-on security features that would help combat pirating of copyrighted material and other online abuses.

If passed, SOPA would have actually made implementing these features more difficult. Luckily, SOPA crashed and burned.

Lesson to be learned: Understand the problem before trying to solve it. That lesson is doubly important as Congress looks to pass new cybersecurity legislation.

In an election year, the temptation to pass a bill -- any bill -- just so they can claim to have done something, is ever present. Congress needs to take a deep breath and thoughtfully craft a bill that will get the job done right.

Several bills are already floating around. Some would grant the federal government massive powers in an effort to direct the Internet like a general directs troops in the field. They would create more federal bureaucracy, and tie up the economy with heavy regulation.

Other bills take a more constrained approach, patching gaps in policy and law to let the government and the private sector work together more effectively -- providing clearer authority to identify threats, provide early warning and share information, while protecting privacy, free speech and paving the way for the course of commerce.

Congress is not near ready to sort out the differences between these two approaches. If it tries to act now, it would most likely produce a mish-mash of a bill with as many problems as solutions.

Congress needs to get cyber-serious first. The Internet and its enemies aren't going anywhere. Let's make sure we get a cyber law that helps more than it hurts.

James Jay Carafano is a senior research fellow for national security at the Heritage Foundation.

About the Author

James Jay Carafano, Ph.D. Vice President for the Kathryn and Shelby Cullom Davis Institute for National Security and Foreign Policy, and the E. W. Richardson Fellow

First appeared in The Examiner