We reported last year:
As the executive director of the Information Society Project at Yale Law School notes:
This administration … publishes a newsletter about its efforts with language that compares copyright infringement to terrorism.
The American government is using copyright laws to crack down on political dissent just like China and Russia.
We noted last month that the “cyber-security” laws have very little to do with security.
The Verge reported last month:
In the State of the Union address Tuesday, President Obama announced a sweeping executive order implementing new national cybersecurity measures, opening the door for intelligence agencies to share more information about suspected “cyber threats” with private companies that oversee the nation’s “critical infrastructure.” The order is voluntary, giving companies the choice of whether or not they want to receive the information, and takes effect in four months, by June 12.
“Cyber threats cover a wide range of malicious activity that can occur through cyberspace,” wrote Caitlin Hayden, spokeswoman for the White House National Security Council, in an email to The Verge. “Such threats include web site defacement, espionage, theft of intellectual property, denial of service attacks, and destructive malware.”
“The EO [executive order] relies on the definition of critical infrastructure found in the Homeland Security Act of 2002,” Hayden wrote.
The Homeland Security Act of 2002 (PDF), passed in the wake of the September 11, 2001 terror attacks, was what created the Department of Homeland Security. At that time, the US was still reeling from the attacks and Congress sought to rapidly bolster the nation’s defenses, including “critical infrastructure” as part of its definition of “terrorism.” As the act states: “The term ‘terrorism’ means any activity that involves an act that is dangerous to human life or potentially destructive of critical infrastructure or key resources…”
But again, that act doesn’t exactly spell out which infrastructure is considered “critical,” instead pointing to the definition as outlined in a 2001 bill, also passed in response to September 11, which reads:
“The term “critical infrastructure” means systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”
This is the same exact definition that was originally provided in the president’s cybersecurity order as originally published on Tuesday, meaning that the White House appears to be relying to some degree on circular reasoning when it comes to that definition. Some in Washington, including the right-leaning think tank The Heritage Foundation, are worried that the definition is too broad and “could be understood to include systems normally considered outside the cybersecurity conversation, such as agriculture.”
In fact, the Department of Homeland Security, which is one of the agencies that will be sharing information on cyber threats thanks to the order, includes 18 different industries in its own label of “critical infrastructure,” from agriculture to banking to national monuments. There’s an argument to be made that including such a broad and diverse swath of industries under the blanket term “critical” is reasonable given the overall increasing dependence of virtually all businesses on the internet for core functions. But even in that case, its unclear how casting such a wide net would be helpful in defending against cyber threats, especially as there is a limited pool of those with the expertise and ability to do so.
It’s not just intellectual property. The government is widely using anti-terror laws to help giant businesses … and to crush those who speak out against their abusive practices, labeling anyone who speaks out as a potential bad guy.