Photo courtesy of bearklaw via Flickr.
One country + one button = millions of Internet connections shut down in an instant. The equation is more than just a theory in some places, and not completely outside the realm of possibility in the U.S.
An Internet kill switch, as the concept is often referred to, is a single shut-off mechanism that would, upon the government’s command, disable web access nationwide in case of cybercrime or other serious threats to electronic infrastructure.
Though the ominous, universal red button that comes to mind may be little more than a fantasy, some laws are in place in the U.S. to authorize (and further complicate) the disabling of Internet and phone connection, in theory and practice. These include:
- The Communications Act of 1934 states that the US President has the power to “suspend or amend… the rules and regulations applicable to any or all stations or devices capable of emitting electromagnetic radiations within the jurisdiction of the United States”
- The Telecommunications Act of 1996 introduced the ability for telecommunication carriers to compete in the information market vertically and without legislative regulation, causing an explosion in amounts of ISPs and a recognized security risk.
- Standard Operating Procedure 303 is a 2006 classified agreement between telecommunication giants and the government authorizing localized shutdowns of cellular service.
- The Protecting Cyberspace as a National Asset Act of 2010, in one provision, gave the President the power to “authorize emergency measures to protect the nation’s most critical infrastructure if a cyber vulnerability is being exploited or is about to be exploited.” The bill, however, expired at the end of 2010 without vote from Congress.
- Assignment of National Security and Emergency Preparedness Communications Functions is a 2012 Executive Order that, in section 5.2, states that the Department of Secretary of Homeland Security (DHS) may “satisfy priority communications requirements through the use of commercial, government, and privately owned communications resources, when appropriate.” (Essentially, assert control over all communication in times of crisis.)
By these laws, the President and DHS ostensibly have the authority to suspend Internet and telephone communication. But it’s easier said than done.
In 2013, the Electronic Privacy Information Center (EPIC) filed a lawsuit demanding DHS reveal the details behind its plans for a kill switch, but the order was appealed.
Would it work?
Evidence of the actual technology necessary to shut down the whole of the Internet, especially in the United States, is scarce. In order for the government to shut off the Internet, it would need control over all Internet Service Providers (ISPs), of which there are over 8,000, as well as mobile operators and landlines.
Each company would have to voluntarily comply, and there is no law that gives the government access to ISPs without court order. Further, the size of America means networks interconnect in as many as 20 cities instead of doing so in a central capitol, as is the case for some smaller nations.
In the case of cyber war, a report by the OECD finds that an Internet kill switch would cause more chaos than it would prevent.
Essentially, a nationwide blackout is in no one’s best interest, and beyond the government’s intent and ability. The government would be more likely to turn off Internet or phone communication locally — and reportedly has the authority to do so in an entire metropolis in the case of cyber threats, bomb threats, or threatened infrastructure.
Other “kill switches”
There are several countries that have demonstrated the means to disable the Internet or have even used it before. These nations include:
- China: Known for its Internet censorship, China’s government controls its ISPs, and has successfully tested its capability to shut down access in a trial run in the entire province of Xinjiang.
- Egypt: During the 2011 revolution, the Egyptian government shut down all Internet and cellular service to 80 million people for a total of five days.
- Iran: In 2011, Iran cut off access to the Internet from millions of users during anti-government protests.
- Libya: Libya’s internet was also shut down several times in 2011, the second time by “blackholing” traffic just before it entered Libyan netspace ahead of planned protests.
- Syria: In 2012, nearly all of Syria was cut off from Internet and phone communication, an act initially believed to be attributable to the government in spite of their denial — though NSA leaks via Edward Snowden suggest it may have been brought about inadvertently through US hacking.
- Russia: Though it was reported that the Kremlin was investigating an Internet “kill switch” option in emergency situations, Russian President Putin has said it is not a consideration, though better cybersecurity is.
2012 research, which evaluated the risk of Internet shutdown across the globe, found the countries which were most at risk to be those with heavily regulated telecommunication services and only one or two companies at their international frontier.
60 countries are at high risk of potential shut-down, including Syria, Tunisia, Turkmenistan, Libya, Ethiopia, Uzbekistan, Myanmar, and Yemen.
By these standards, the United States is labeled very safe from Internet shut-down due to the many independent paths in and out of the country. 31 other countries also labeled very safe include Canada, Australia, and even Russia.
Essentially, you can rest easy, Americans. It would take a lot more than Kim Kardashian’s butt to truly break the Internet.