President Obama Declares the Threat to Crappy Sony Movies a National Emergency

President Obama just issued an Executive Order that directs Department of Treasury to impose sanctions on people who engage in “significant malicious cyber-enabled activities.” The move has been reported as a means to use the same kind of sanctions against significant hackers as we currently used against terrorists, proliferators, drug cartels, and other organized crime.

Regardless of whether you think this will do any good to combat hacking, I have several concerns about this.

First, at one level, the EO targets those who “harm[], or otherwise significantly compromis[e] the provision of services by, a computer or network of computers that support one or more entities in a critical infrastructure sector.” But remember, our definition of critical infrastructure is absurdly broad, including things like a Commercial Facilities sector that includes things like motion picture studios — which is how Sony Pictures came to be regarded as critical infrastructure — and even things like campgrounds.

And it’s actually not just critical infrastructure. It also targets people who “caus[e] a significant disruption to the availability of a computer” and those who “caus[e] a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain.” I can envision how this EO might be ripe for abuse.

But it gets worse. The EO targets not just the hackers themselves, but also those who benefit from or materially support hacks. The targeting of those who are “responsible for or complicit in … the receipt or use for commercial or competitive advantage … by a commercial entity, outside the United States of trade secrets misappropriated through cyber-enabled means, … where the misappropriation of such trade secrets is reasonably likely to result in, or has materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States” could be used to target journalism abroad. Does WikiLeaks’ publication of secret Trans-Pacific Partnership negotiations qualify? Does Guardian’s publication of contractors’ involvement in NSA hacking?

And the EO creates a “material support” category similar to the one that, in the terrorism context, has been ripe for abuse. Its targets include those who have “provided … material, or technological support for, or goods or services in support of” such significant hacks. Does that include encryption providers? Does it include other privacy protections?

Finally, I’m generally concerned about this EO because of the way National Emergencies have served as the justification for a lot of secret spying decisions. Just about every application to the FISC for some crazy interpretation of surveillance laws in the name of counterterrorism founds their justification neither in the September 17, 2001 Finding authorizing covert actions against al Qaeda nor the September 18, 2001 AUMF, but instead in President Bush’s declaration of a National Emergency on September 14, 2001. I’m not sure precisely why, but that’s what the Executive has long used to convince FISC that it should rubber stamp expansive interpretations of surveillance law. So I assume this declaration could be too.

In other words, the sanctions regime may well be the least of this EO.

image_print
16 replies
  1. der says:

    “Is WikiLeaks’ publication of secret Trans-Pacific Partnership negotiations qualify? Does Guardian’s publication of contractors’ involvement in NSA hacking?”
    .
    Yes. If “Justice” can use a King George II law to charge Bowe Bergdahl for being a rat fink, then Edward Snowden is worse than Hitler.

  2. bloopie2 says:

    It also targets people who … caus[e] a significant misappropriation of funds … for commercial or competitive advantage or private financial gain.” Gosh, don’t they already have a ‘bank robbery’ statute that covers that type of thing? Well, I guess you’re right, this is just a way for the government to punish anyone they want to, without going to the trouble of passing a law or bringing a criminal prosecution. Wonderful.
    .
    But wait – there’s more! This will be perfect for going after the banksters, no? I mean, DOJ is always whining, “Burden of proof is too high, etc., etc.”. No need for such niceties now. Think they’ll do it? I can’t wait.

  3. TarheelDem says:

    My telecom causes significant disruptions ot the availability of my computer. Might they fall under this EO? This past few weekends and likely this weekend my computer service has been disrupted by the NCAA. Might they be a target of this EO?

    This is a declaration that DDOS attacks are not equivalent to sit-ins. Or is it?

    So this is a way to go after the New York Times The Guardian, and Der Speigel? Proportional?

    Just some innocent questions here.

  4. qweryous says:

    http://www.desmoinesregister.com/story/news/crime-and-courts/2015/03/29/seed-corn-theft-plot-national-security-fbi/70643462/

    “Does protecting America’s lucrative genetically modified seed corn industry warrant the use of national security laws intended to fight terrorists and government spies?

    The FBI says yes, and it has invoked the broader powers afforded by the Foreign Intelligence Surveillance Act, or FISA, to surreptitiously gather evidence against two Chinese siblings accused of plotting to steal patented seed from Iowa cornfields, according to court records.”

    • emptywheel says:

      I actually suspect the invocation of foreign power there is less outrageous than it is against hundreds of US kids reading Inspire.

      I’m just surprised they did claim it. Suggests they’re hiding techniques (maybe hack-spying) targeted back at China.

  5. galljdaj says:

    Wow! and a lot more wows! lil obama has to sanction the entire us govt for its ‘
    ‘terrorist’ attacks on my computer which has cost me a very significant amount of monies and time. From the USPS, FBI, US Senate, the Secret Federal Courts, the DOJ, and Our lil criminal in Chief, all have failed to up hold Our Laws as parties to the illegal attacks on me through Our Mail Telephone and Communication Systems, Plus the Physical Threat to my Body!

    Fat chance lil obama will up hold the rule of law regarding his use of the Executive Order, It purely a selective weapon! Another criminal act using the Govt for crime!

  6. earlofhuntingdon says:

    Gives a new meaning to the phrase “corporate law”. I love the guilt by association category. Ah, Mr. Obama has never met a powerful actor he couldn’t wait to please, his faux populist rhetoric notwithstanding. It makes the marketing award won for his first presidential campaign the one he really deserves.

  7. greengiant says:

    Cannot wait for the government to take down google, facebook, akami etc etc etc for causing all those blue screens of death…

  8. wallace says:

    Notwithstanding this EO pos, if CISA passes.. the Twilight Zone will look like a children’s cartoon. Cue Jim Garrison…

    quote”Huey Long once said, “Fascism will come to America in the name of anti-fascism.” I’m afraid, based on my own experience, that fascism will come to America in the name of national security.”unquote

    In the name of national security.

    CISA is the living definition of FASCISM. Period.

    https://firstlook.org/theintercept/2015/04/01/nsa-corporate-america-push-broad-
    cyber-surveillance-legislation/

    And now, some schmuck in Congress wants to combine this EO and CISA into an even more Orwellian law. Fuck these cockroaches. Time to start organizing a viral Shaming video of every American Corporate Organization that contributed to this legislation.

    http://www.pciaa.net/docs/default-source/industry-issues/letter_to_congress_supporting_cybersecurity_information_sharing_act.pdf?sfvrsn=2

    • wallace says:

      quote”Was I the only one who wondered if this was an April Fools gag after reading the headline?”unquote

      Stick around. You’ll discover emptywheel’s Samurai sword of wit daily. For live coverage of her war on idiocy, see her twitter feed. It’s a virtual blood bath. :)

  9. Phil Perspective says:

    And it’s actually not just critical infrastructure. It also targets people who “caus[e] a significant disruption to the availability of a computer”

    Does this include arresting Comcast for their sometimes spotty internet service?

  10. Peter Eugene Bovold says:

    Let’s remember Obama inherited this Constitution Stomping government from the Bush Mafia. They declared martial murder on the Bill of Rights. The corporate criminals took advatage of congresses disgusting love of bribes, and ignored over due updates for cyber privacy rights laws. September 11, 2001 was just the opportunity big business, and the government – within – our – government was waiting for. We should begin prosecuting the offending politicians and corporate officers and any lobbiests, including the firms they work for, for treason. These are crimes against USA Citizens, and future generations. Google, Android, and any and all companies, individuals, corporations should immediately desist for Big Data Mining. It’s a very sad era, we are standing around watching our forfauthers creation disappear. Why bicker over the small hack while the big Crooks take our rights to the bank with our VERY Limited Paychecks.

Comments are closed.