Building Cyber Walls: Executive Emergency Powers in Cyberspace

Building Cyber Walls: Executive Emergency
Powers in Cyberspace
Laura B. West*
The Executive is granted broad authorities upon declaring a national emer-
gency. As of this writing, there are thirty-five active declared national emergen-
cies in the United States, the oldest of which dates back to the Iran Hostage Crisis
in 1979.
Not surprisingly many of these continuing states of emergency—that
last on average nearly ten years—address some facet of the war against terror.
These emergencies appear to illustrate that the American public acquiesced to
broad grants of authority to the Executive; Americans seemingly yielded to the
idea of a forever emergency, especially when it comes to terrorism. Recent
declared emergencies, however, should heighten concerns about the appropriate-
ness of such acquiescence for a forever emergency and invoke doubts about the
permissible scope of the Executive’s authorities.
The southern border wall emergency is a prime example. Declared by
President Trump in February 2019, the border wall emergency quickly put the
emergency powers under a microscope and subject to harsh public criticism.
lurking under the radar of the border wall media frenzy is a nascent “endless
that arguably requires even more urgent attention—the cyberspace
* Major Laura West is a Judge Advocate in the U.S. Army and currently serves as the Deputy Chief
of National Security Law at U.S. Cyber Command. Major West earned an LL.M., with distinction, from
Georgetown University Law Center in National Security Law, an LL.M. from The Judge Advocate
General’s Legal Center and School in Military Law, a J.D. from William and Mary Law School, and a
B.S. from the United States Military Academy. The views expressed in this article are those of the
author and do not necessarily represent the views of the Department of Defense or any other government
agency. I would like to thank Professors Mitt Regan, Mary DeRosa, and Carrie Cordero their thoughts
that helped shape this article. I also wish to thank my husband, Brandon, for all of his expert advice and
unwavering support. All errors are my own. © 2021, Laura B. West.
Trump declared an additional national emergency concerning the novel coronavirus on March 13, 2020,
issued as this article went into editing. See Proclamation No. 9994, 85 Fed. Reg. 15,337 (Mar. 18, 2020).
2. See id.
3. See, e.g., Peter Baker, Trump Declares a National Emergency, and Provokes a Constitutional
Clash, N.Y. TIMES (Feb. 15, 2019), Democratic leaders, Speaker Pelosi
and Senator Schumer, described the emergency declaration as “plainly a power grab by a disappointed
president, who has gone outside the bounds of the law to try to get what he failed to achieve in the
constitutional legislative process.” Id. The emergency declaration enables the President to divert $3.6
billion from military construction projects to the wall, if it withstands judicial scrutiny. Id. Congress had
explicitly denied the construction of a wall and voted to the end the emergency, but the President vetoed
the resolution, thus keeping the emergency in place. See BRENNAN CTR. FOR JUST., supra note 1.
4. See Jordan A. Brunner, Comment, The (Cyber) New Normal: Dissecting President Obama’s
Cyber National Emergency, 57 JURIMETRICS J. 397, 397-98 (2017).
In 2015, the first cyberspace emergency was declared by President Obama in
response to the unique and then unprecedented 2014 Sony Pictures cyber hack by
North Korea.
President Obama declared this national emergency to deal with the
“unusual and extraordinary threat” of “malicious cyber-enabled activities.”
President continuously renewed this emergency since its inception.
In 2019,
President Trump added another cyberspace emergency to the growing list of
active emergencies. Pursuant to the Executive’s emergency powers, President
Trump declared certain telecommunications equipment, classified as a national
security risk, to be banned from use by American companies.
The advent of the cyberspace emergency requires careful and urgent attention
for a number of reasons, the most pressing presented here. First, these emergen-
cies come in the wake of an alarming rise in internet shutdowns around the
Internet shutdowns, touted by states as emergency methods for repelling
massive cyber-attacks, are also documented as primary tools used by totalitarian
regimes to stifle speech and dissent.
Second, running parallel to this growing
internet shutdown movement, is the undeniable fact that the internet and telecom-
munications infrastructure are now an indispensable part of the nation’s intercon-
nected modern life, and is being threatened daily by ever-changing and growing
malicious cyber-attacks. Finally, over the last year, a worldwide pandemic broke
out and continues to take an unimaginable toll on Americans’ daily existence and
5. The Sony Pictures hack was exceptional at the time; it was the first highly publicized attack that
occurred in U.S. territory, covered in mainstream American media, and elicited a timely public
WARFARE: ISSUES FOR CONGRESS, 7 (2018), (noting the unique nature of
the Sony attack, to include “threats of physical destruction, affect[ing] the decision-making process of a
private company, exploited the human element of fear in a civilian population, imposed extra-territorial
censorship, and triggered a response from the U.S. government”); see generally Ellen Nakashima, Why
the Sony hack drew an unprecedented U.S. response against North Korea, WASH. POST, (Jan.POST (Jan.
15, 2015),
6. See Exec. Order No. 13,694, 80 Fed. Reg. 18,077 (Apr. 1, 2015). Since the Sony hack, the U.S.
imposed additional sanctions under cyberspace emergency authorities in 2016 and 2018 on Russia in
response to cyber election interference. See Exec. Order No. 13,757, 82 Fed. Reg. 1 (Dec. 28, 2016);
Exec. Order No. 13,849, 83 Fed. Reg. 48,195 (Sept. 20, 2018). In 2017, legislation was also
implemented imposing further sanctions on Russia, Iran and North Korea due to cyber-related attacks.
See Countering America’s Adversaries Through Sanctions Act, Pub. L. No. 115-44 (2017).
To note, this article uses the terms “cyber hack,” “malicious cyber-enabled activities,” and “cyber-
attack” to mean in a general sense any type of malicious cyber operation. The term cyber-attack is used in
this article as a colloquial term to better understand the scale and consequences of such an operation;
however, it is not necessarily meant to be interpreted narrowly in the terms of an attack qualifying under
the law of armed conflict. Such an analysis exceeds the scope of this article that is geared toward a
domestic analysis. Specifically, this article is more focused on examining a “cyber-attack” as an operation
that could encompass a wide range of incidents effecting cyberspace within the United States—it makes
no reference to the intent or origins of the operations or attacks.
7. Continuation of the National Emergency With Respect to Significant Malicious Cyber-Enabled
Activities, 84 Fed. Reg. 11,877 (Mar. 28, 2019).
8. See Exec. Order No. 13,873, 84 Fed. Reg. 37,055 (May 15, 2019).
9. See discussion infra Section II.A.
10. See Samuel Woodhams, Contesting the Legality of Internet Shutdowns, JUST SECURITY (Oct. 1,
human life. The nation’s response to controlling the virus exposed critical vulner-
abilities in national authorities and, unfortunately, demonstrates all too clearly
how high the stakes are in refining national emergency authorities.
This state of affairs today raises the broad question of whether the United
States government has appropriately tailored authorities and corresponding tools
necessary to effectively defend against, recover, and maintain resilient networks
during and after a massive cyber-attack. As mentioned above, the United States
most notably responded to that question with a declared cyberspace emergency,
unlocking significant broad authorities at the President’s disposal to assist in the
deterrence of such attacks.
But what is the true scope of a cyber national emergency authority? Imposing
sanctions as President Obama did in 2015 with the first cyberspace emergency is
likely only the tip of the iceberg for the scope of the Executive’s emergency
powers. More concerning and the focus of this article, though, is that similar to
those totalitarian regimes, cyber national emergency powers may have a vast
scope that goes so far as to permit the President to direct an internet shutdown,
otherwise known as directing the proverbial “kill switch.”
Most scholars who have tackled the internet “kill switch” subject come to a rather
hasty conclusion that the President has the authority to shut down the internet under
his emergency powers by invoking section 706 of the Communications Act of 1934
(codified as 47 U.S.C. § 606).
Over the years, this supposition has been debated on
the fringes. This article adds to that debate, brings it front and center, and argues that
the current legal authorities are wholly inadequate to address the possible need to
quarantine, isolate, or shutdown computers or portions of the internet or networks
within the United States in a time of emergency caused by a massive cyber-attack.
Even if current domestic authorities can withstand the policy and legal scrutiny, the
uncertainty and potency surrounding such authorities is enough to warrant new
legislation that can provide “clear guidance and an enhanced ability to rapidly
execute national level decisions for response options to sophisticated attack.”
Accordingly, the time is now to rethink executive cyberspace emergency powers
before there is a true need to build cyber walls.
Part II of this article illustrates the current cyber threat picture facing the United
States. Part III then discusses the main target of these threats in cyberspace: the
11. See William Toronto, Fake News and Kill Switches: The U.S. Government’s Fight to Respond to and
Prevent Fake News, 79 A.F. L. REV. 167, 180 (2018); Jessica “Zhanna” Malekos Smith, Where the Cyber
Things Are, 5 HOMELAND & NATL SECURITY L. REV. 1, 15-18 (2016); Scott Ruggiero, Comment, Killing
the Internet to Keep America Alive: The Myths and Realities of the Internet Kill Switch 15 SMU SCI. &
TECH. L. REV. 241, 241-42 (2012); Karson K. Thompson, Not Like an Egyptian: Cybersecurity and the
Internet Kill Switch Debate, 9 TEX. L. REV. 465, 477 (2011); Gene Healy, Emergency Exit Strategy, CATO
INST. (June 24, 2019),; Elizabeth Goitein, The Alarming Scope of the
President’s Emergency Powers, THE ATLANTIC (Jan./Feb. 2019), But see
David W. Opderbeck, Does the Communications Act of 1934 Contain a Hidden Internet Kill Switch?, 65
FED. COMM. L.J. 1, 17 (2013); cf. Paul Rosenzweig, The Powers of Trump and the Internet “Kill Switch”,
LAWFARE BLOG (June 2, 2016),
12. National Security Telecommunications Advisory Committee, NSTAC Response to the Sixty-Day
Cyber Study Group Mar.(Mar. 12, 2009) [hereinafter NSTAC],

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT