When I read Larry Seltzer’s piece on H.R. S 773 IS, I fell into a constant nod about the issues he raised. In addition, I have two more:
SEC. 11 (a): Lofty goals, but these seem rather obvious, since they have been at the heart of any computer security research for a rather long time.
SEC. 14: This sections empowers the Secretary of Commerce with very far reaching powers, especially since ‘critical infrastructure’ is so woefully underspecified.
In general, I am very unhappy with the bill’s vagueness and lack of definition, especially since there are enough provisions (such as SEC. 17 – see Larry’s comments) that can significantly impact the civil liberties of all U.S. persons. The intent of the bill seems honest enough, but in order for this to not backfire, a lot more work needs to go into a more robust draft.