OFFICIALS LEGISLATION INTEREST GROUPS PUBLIC STATEMENTS COMMITTEES VETOES

Water Resources Development Act of 2016

Floor Speech

By: Ron Wyden
By: Ron Wyden
Date: Sept. 8, 2016
Location: Washington, DC
Issues: National Security Technology and Communication

BREAK IN TRANSCRIPT

Mr. WYDEN. Mr. President, shortly I will ask unanimous consent that the Senate pass S. 2952, the Stopping Mass Hacking Act.

Colleagues, the bill is just one sentence long. What it does is simple, but in my view it is extraordinarily important. If the Senate does nothing, if the Senate fails to act, what is ahead for Americans is a massive expansion of government hacking and surveillance powers, and it will take place automatically on December 1 of this year. The legislation that I seek to pass, which has been bipartisan in the Senate, would stop this automatic expansion of government hacking and surveillance powers.

I have said it before and I want to say it again this afternoon: There is no question that it is a dangerous world out there, and I take a backseat to none when it comes to making sure our law enforcement and intelligence officers have the tools they need to keep America safe. In fact, I was actually able to add the specific provision expanding emergency powers for our government to act when there is a threat so that the government could move to protect the American people and come back and get the warrant later. But that is not what we are talking about here. What we are talking about here is a staggering expansion of government hacking and surveillance authority. These are major changes to Federal policy that are going to come about through amendments to rule 41 of the Federal Rules of Criminal Procedure.

This is the kind of major issue that traditionally comes before the Judiciary Committee. I see that two of my colleagues with whom I enjoy working very much are here. Chairman Grassley is here and also Senator Cornyn, a member of the Judiciary Committee and a distinguished member of the Finance Committee. We have big policy issues that come before the Finance Committee and that come before the Judiciary Committee. We work on them. We work on them in a bipartisan fashion. Chairman Hatch and I meet every Wednesday afternoon to work on these kinds of matters. That is not what is going to happen with this massive expansion of government hacking and surveillance authority.

Colleagues, these rules are going into effect on December 1 if Congress doss nothing. If Congress just says, ``Oh, gee, we have other things to do,'' these rules will go into effect. I guarantee you there are going to be many Americans who are going to be very unhappy, and they are going to ask their Members of Congress what they did to stop this ill-advised approach.

By the way, in the other body, some of the most senior Republicans-- Congressman Sensenbrenner, the distinguished Congressman from Wisconsin, is very concerned about this issue.

The American people want security and liberty, but these amendments don't give them much of either. This major policy change is going to make it easier for the government to hack into the personal devices of Americans and collect more information about them. They are going to do it by using computer programs called malware. The ``mal,'' in my view, is like ``malevolent.'' It is going to make us less safe, not more.

Allowing the government to use secret, untested malware could end up damaging not only our personal devices but the power grid or hospitals and nearly any other system connected to the Internet. Get your arms around that--hospitals in Iowa, Texas, and Oregon being damaged not because the Congress made a policy decision but because something was done automatically as a result of a change in the rules of criminal procedure. I just want to say to my colleagues that I think there will be a lot of unhappy Americans if that is the case.

The rule change says that the government can potentially search millions of computers with one single warrant issued by one single judge. There is no difference, in terms of law enforcement access, between the victims of a hack and the perpetrator himself. These changes will make people the victims twice over--once by a hacker and once again by their government. You wouldn't punish the victims of a tax scam or a Ponzi scheme with a painful audit. It just doesn't add up.

I understand that passing legislation by unanimous consent is a difficult task. These days, you can hardly get unanimous consent to drink a soda at lunchtime. But this isn't an issue where the Senate can do some kind of ostrich act and ignore the problem. By sitting here and doing nothing, the Senate will be giving consent to a substantial expansion of government hacking and surveillance authority. By not acting, the Senate would give a stamp of approval on a major policy change that has received no hearing, no oversight, and no discussion in spite of the fact that some of the most important companies in America are speaking in opposition to this.

In my view, the limits of search and seizure are unquestionably an issue for this Congress to debate. The Justice Department should not have the power to change the practical meaning of the Fourth Amendment without the people's elected leaders weighing in. Instead, the Senate ought to be doubly concerned by the fact that the administration wants to conduct proactive cyber security policy through some kind of obscure bureaucratic process like rule 41.

There aren't folks in Oregon, Texas, Iowa, or anywhere else who are following the details of something called rule 41, but I am telling everybody that they are going to be very concerned about the expansion of the government's hacking authority. So I hope my colleagues will join me in supporting this bipartisan, bicameral legislation. If this bill does not pass today by unanimous consent, I look forward to having a hearing on this issue. I know there has been bipartisan interest in the Judiciary Committee. Leaders of the Judiciary Committee have talked about it, and I hope that hearing will take place shortly so that Americans can have a chance to understand exactly how devastating this proposal would be for them.

2952; that the Senate proceed to its immediate consideration; that the bill be read a third time and passed and the motion to reconsider be considered made and laid upon the table with no intervening action or debate.

BREAK IN TRANSCRIPT

Mr. WYDEN. Mr. President, I am going to yield in just a moment to Senator Daines, but just so we are clear in terms of my response to the distinguished Senator from Texas, he has--as some have tried to do-- sought to characterize this as kind of a routine kind of matter; that this was a rule of criminal procedure of no great import and without any far-reaching consideration. I can tell you that cyber security experts around the country have spoken out virtually unanimously about the consequences of the government accidentally breaking their computers without telling them.

I don't know of anything that is routine about this at all. Under this change, the government can search potentially millions of computers with one single warrant issued by one single judge. And, tragically, there is no difference, in terms of law enforcement access, between the victims of a hack and the perpetrators themselves. So we are talking about clobbering victims twice. First they get clobbered by a hacker and then they could get hurt by the government.

The distinguished Senator from Texas seeks to portray this as some kind of far-out kind of matter. Virtually all of the major technology companies in this country have written in opposition to this. Scores of cyber security experts have written in opposition. One of the key points they make is that you don't punish victims twice in America. You wouldn't punish the victims of a tax scam or a Ponzi scheme with a painful audit. That is what can happen here.

The idea that a change of this magnitude would be made without any debate, consideration--there has been no hearing on this matter. I know of no meetings. I would like to hear any Member of the Senate tell me about some meeting they went to. I know of no sessions where the public voice could be heard.

I am very hopeful, and I intend to come back to this floor again in an effort to make sure the public is at least brought into this. I can tell you that Senator Daines and I represent a lot of rural hospitals, for example. Well, certainly if you heard some of what we have been told could happen in terms of what it could mean to computer systems at hospitals and other kinds of facilities, they are going to ask their Senators: What did you do about that? Why did you just let that rule go through that would damage those systems that are a lifeline for Americans?

So we are going to be back. As I mentioned before, my colleague in the other body was starting to make a fair amount of progress. Jim Sensenbrenner, who is a very influential Member of the other body, has taken a great interest in this, as have a number of colleagues on both sides. So we will be back.

I am going to yield now. I know my colleague from Montana has been a wonderful partner in this effort, and he has some comments to make that will highlight once again the bipartisan concern about the magnitude of this change that would take place without any involvement, none, here in the Senate--no hearings, no debates, no discussions. This is a big change, and I hope we will discuss it.

BREAK IN TRANSCRIPT


Source
arrow_upward