A new Senate bill introduces sweeping cybersecurity regulations--and a wave of angry protests.
If the Bush administration's $30 billion classified cyber defense initiative last year seemed controversial, prepare for a new round of battles over security, privacy and civil liberties in the digital realm.
A new Senate bill introduced Wednesday is poised to extend federal cybersecurity regulations further into the private sector than ever before, and it is already sparking confusion and criticism among watchdog groups.
The bill, authored by Sens. John Rockefeller, D-W.Va., and Olympia Snowe, R-Maine, moves cybersecurity authority to an as-yet-unnamed cyber adviser who will report to the president. The wide-ranging measures also include sweeping new regulations to plug the vulnerabilities in both government and the private sector that could leave the nation open to cyber attacks or data theft.
In fact, the new provisions go beyond extending security rules to all government agencies, government contractors and software vendors selling to those groups. They would also be stretched to the private sector's so-called "critical infrastructure" companies--those typically deemed crucial for national security.
But given that the words "critical infrastructure" aren't defined in the bill, Center for Democracy and Technology (CDT) President Leslie Harris argues the new regulations could cover not just water distribution, the power grid and banks, but also telecommunications, Internet service providers and even Internet application companies like Google ( GOOG - news - people ) and Microsoft ( MSFT - news - people ).