Kudos to CNET  for obtaining a copy of the bill Senators Rockefeller and Snowe are proposing for enhanced cyber security, entitled the Cyber Security Act of 2009. Much of the bill is non-controversial, pushing federal agencies to bulk up their electronic defenses against hacking and similar threats.  One provision of the legislation gives the president broad powers to direct Internet traffic and examine electronic data when he or she declares a “cyber emergency.”

The problem is that the circumstances warranting a cyber emergency remain undefined in the bill. The strongest argument I can think of off-hand for keeping the conditions justifying such an emergency declaration vague is that threats to cyber security evolve rapidly, probably more rapidly than threats to other types of security.  We therefore don’t want to hamstring our government from taking intelligent and swift action in response to the legitimate threats of tomorrow because we have overdefined the problems in the terms of what we understand today. (In fact, in this space and in the media more broadly, we have made the point that highly defined Internet legislation from the mid-1990s, particularly the Communications Decency Act, has yielded perverse and unintended outcomes in the field of Internet libel law, for example.)

However, there is something about the scope of the powers given to the president under the bill as written that makes the current formulation disquieting.  It would be better, I think, to limit the powers of the president in one of a few ways.  First, the bill could limit the president’s power to declare an emergency by saying that such an emergency could last only five or ten days before requiring congressional approval.  Second, the president could be required to seek congressional approval in the first instance: in the past, in times of grave national threat, Congress has acted to nationalize or take control of vital industries and assets.  Third, the bill could offer further and reasonably future-scalable definition as to what constitutes an emergency.  This bill doesn’t offer limitations of this kind.  As a country, we’re smart enough to do better.