I sort of get the feeling that the entire legislative effort on cyberwar is going on in a classified annex.
Nevertheless, even from what we can see, we’ve got a dispute. As I noted a few weeks back, The House Armed Services Committee included a provision that explicitly granted DOD the power to conduct clandestine cyberwar activities in some situations, but required quarterly briefing on such activities.
SEC. 962. MILITARY ACTIVITIES IN CYBERSPACE.
(a) AFFIRMATION.—Congress affirms that the Secretary of Defense is authorized to conduct military activities in cyberspace.
(b) AUTHORITY DESCRIBED.—The authority referred to in subsection (a) includes the authority to carry out a clandestine operation in cyberspace—
(1) in support of a military operation pursuant to the Authorization for Use of Military Force (50 U.S.C. 1541 note; Public Law 107–40) against a target located outside of the United States; or
(2) to defend against a cyber attack against an asset of the Department of Defense.
(c) BRIEFINGS ON ACTIVITIES.—Not later than 120 days after the date of the enactment of this Act, and quarterly thereafter, the Secretary of Defense shall provide a briefing to the Committees on Armed Services of the House of Representatives and the Senate on covered military cyberspace activities that the Department of Defense carried out during the preceding quarter.
(d) RULE OF CONSTRUCTION.—Nothing in this section shall be construed to limit the authority of the Secretary of Defense to conduct military activities in cyberspace.
That seemed to be a response to earlier claims by DOD that it didn’t have to brief such things to Congress.
As it happens, that’s another of the sections of the Defense Authorization to which the Administration objects (though they did not issue a veto threat on it).
Military Activities in Cyberspace: The Administration agrees that appropriate military operations in cyberspace are a vital component of national security, but objects to Section 962. The Administration has concerns about this provision and wants to work with Congress to ensure that any such legislation adds clarity and value to our efforts in cyberspace.
The choice by administrations to conduct cyberwar under DOD’s auspices rather than CIA’s as a way to avoid oversight is something that John Rizzo (!) warned about. And the bill has already given the Administration an extra three months of secret cyberwar before it has to start briefing Congress compared to the original bill.
What kind of war is Obama waging in cyberspace it refuses to tell Congress about?