From: Bloomberg
By Eric Engleman
The House Intelligence Committee may this week pass a cybersecurity proposal that provides lawsuit immunity sought by companies including AT&T Inc. (T) and Boeing Co. (BA)and alters privacy provisions to overcome a veto threat.
Committee Chairman Mike Rogers, a Michigan Republican, and the panel’s top Democrat, C.A. “Dutch” Ruppersberger ofMaryland, are mulling changes in the bill they first introduced last year. They would include provisions requiring the government to make data more anonymous and limit how it can be used, according to two people who described a committee staff call briefing U.S. Chamber of Commerce members this month.
The people asked not to be named because changes haven’t been announced yet.
The bill, which President Barack Obama’s administration threatened to veto last year partly over privacy concerns, is slated for a committee vote April 10 in a closed session.
“We need to get a little more specific in terms of what type of information we’re sharing and under what circumstances,” said Frank Cilluffo, director of George Washington University’s Homeland Security Policy Institute and a former special assistant to President George W. Bush.
Congress is renewing its push to improve U.S. digital defenses as warnings increase about computer attacks. A Feb. 19 report from security firm Mandiant Corp. concluded the Chinese army may be behind a hacking group that has hit at least 141 companies worldwide since 2006.
Corporate Support
Many of the House bill’s corporate supporters are among the top 20 contributors to Rogers’ 2011-2012 campaign committee, according to the Center for Responsive Politics, a Washington-based research group. They include AT&T, Verizon Communications Inc. (VZ), Boeing and Lockheed Martin Corp. (LMT) employees and their families.
Ruppersberger’s top contributors in the same period also include Boeing and Lockheed employees and their families, according to the center.
“Boeing supports candidates with whom we have alignment on issues of importance to the company,” Gayla Keller, a Boeing spokeswoman, said in an e-mail.
“With 82 percent of our company’s sales derived from U.S. government customers, we naturally have interactions with virtually every standing committee in the United States Congress” that has agency oversight, Rob Fuller, a Lockheed Martin spokesman, said in an e-mail.
Michael Balmoris, an AT&T spokesman, didn’t immediately respond to a request for comment. Edward McFadden, a Verizon spokesman, declined to comment.
Privacy Provisions
The American Civil Liberties Union and other advocacy groups have stoked online opposition to the House bill, saying it would allow Americans’ personal data to be shared with the National Security Agency and the military, and let the government use that data for undefined “national security”purposes.
The bill is a “privacy disaster” in its current form, Michelle Richardson, ACLU legislative counsel, said in an interview. Congress should focus on “smarter alternatives,”she said.
Intelligence committee leaders are considering adding other clauses, such as one preventing companies from getting immunity for counterattacks against hackers, according to the two people who described the committee staff call briefing and Chamber members.
The proposed changes don’t include putting a civilian agency such as the Homeland Security Department in charge of information sharing, a priority of privacy advocates, according to the people on the call. Susan Phalen, a spokeswoman for the House Intelligence Committee, declined to comment.
Representative Adam Schiff, a California Democrat on the committee, said he would introduce an amendment requiring companies to try to remove personal data before sharing.
White House
The legislation, called the Cyber Intelligence Sharing and Protection Act, passed the House 248 to 168 last April and didn’t advance in the Senate.
Rogers has said Obama’s cybersecurity executive order in February created an opening to pass an information-sharing bill. The order creates a system of voluntary computer-defense standards for critical industries, an element of Senate legislation blocked last year by Republicans who said it would lead to burdensome regulation.
Senate Action
Caitlin Hayden, a White House spokeswoman, declined to comment on the House bill, referring to previous statements that cyber legislation should guard privacy, reinforce the appropriate roles of civilian and intelligence agencies, and include “targeted” liability protections for companies.
A Feb. 13 petition on the White House website protesting the Rogers bill’s lax privacy protections has gathered 100,000 signatures, the threshold to trigger a White House response. Hayden declined to say how or when the White House would respond.
The House bill’s chances of passage depend on what action the Senate takes, and Senate committee leaders haven’t yet decided on their cybersecurity strategy.
“The bill doesn’t really go very far until the Senate has something that can match it, and they’re not close to that,”said James Lewis, technology program director at the Center for Strategic and International Studies in Washington.
Facebook Inc. (FB), Microsoft Corp. (MSFT) and some technology trade groups that endorsed the original House legislation have been more tepid this year.
Facebook, owner of the world’s largest social network, said in a letter last year the legislation “helps provide a more established structure for sharing within the cyber community while still respecting the privacy rights and expectations of our users.”
Asked for Facebook’s current position, spokeswoman Jodi Seth said in an e-mailed statement the company is “encouraged”by the House interest and seeks a “legislative balance” that promotes information sharing and ensures the privacy of its users.
Leave a Reply