On May 29, 2009, President Obama released his Cyberspace Policy Review (the Review). The Review, conducted by the National Security Council and the Homeland Security Council, examined existing government initiatives addressing cyberspace security in order to develop a strategic framework to coordinate government action. The Review put cybersecurity on the policy agenda early in the Obama administration, and it explicitly describes cybersecurity as a global issue that calls for international cooperation: “The United States . . . needs a strategy for cybersecurity designed to shape the international environment and bring like-minded nations together on a host of issues… Only by working with international partners can the United States best address these challenges, enhance cybersecurity, and reap the full benefits of the digital age.”
On June 23, 2009, Secretary of Defense Robert Gates established the U.S. Cyber Command as a sub-unified command under the U.S. Strategic Command in order to defend military information networks against cyber attacks.1 This organization is the most recent Department of Defense (DoD) response to the increasing threats to U.S. military, government, and commercial information systems and rapidly developing adversarial network capabilities.
In his celebrated concurring opinion in The Steel Seizure Case, Justice Jackson cautioned that “only Congress itself can prevent power from slipping through its fingers.” Jackson’s warning seems especially pertinent today, as we prepare urgently for cyber warfare – facing potentially enormous threats from yet unknown enemies, and finding ourselves dependent on staggeringly complex, unproven technology. The executive branch, which has special expertise and agility in national security matters generally, as well as substantial constitutional authority, has taken the initiative in these preparations. Yet if Congress is to be faithful to the Framers’ vision of its role in the nation’s defense, it must tighten its grip and play a significant part in the development of policies for war on a digital battlefield. It also must enact rules to help ensure that these policies are carried out.