From: National League of Cities

by Mitchel Herckis

From the White House to Congress, federal leaders are looking at a range of policy options to bolster the United States’ ability to thwart Internet threats ranging from cybercrime to terrorist activity. With the White House having released a cybersecurity proposal in May and no less than three Senate committees considering legislation, there is consensus that the federal government must do more to ensure the safety of e-commerce and secure critical infrastructure from online threats.

Virtually all the proposals before Congress to bolster cybersecurity would impact cities and towns in some manner. NLC’s Public Safety and Crime Prevention (PSCP) Committee has dedicated significant time this year to considering additions to National Municipal Policy on cybersecurity concerns. Of greatest concern is the cyber threat to critical infrastructure owned by municipal governments and securing the vast amounts of sensitive electronic data most cities hold on their infrastructure, citizens and employees.

The PSCP Steering Committee has heard from a number of speakers on just how dangerous the cyber threat has become in a short period of time.

“We are working to ensure that the National League of Cities has the right policies in place to advocate for cities on what has become a serious criminal and homeland security concern,” said Committee Chairman Erich Hackney, councilmember, Lumberton, N.C.

The committee’s policy discussions on cybersecurity could not come at a more important time. In May, the administration sent Congress a comprehensive proposal on cybersecurity.

Most significantly for cities, the proposal would require the creation of critical infrastructure cybersecurity plans. The Department of Homeland Security (DHS) would collaborate with critical infrastructure stakeholders, ranging from power and water utilities to the financial sector, ensuring they are aware of the greatest cyber risks to their assets. Each critical infrastructure operator would develop a plan for addressing the threats, which would need to be certified by a third-party commercial auditor.

The Administration’s legislative proposal would also direct DHS to create a voluntary information-sharing network among industry and government to prevent or minimize the damage of cyber-attacks, as well as provide advice for fixing damaged systems and building better defenses. The bill would also create national standards for informing individuals when sensitive personal data has been compromised due to an electronic security breach.

The White House’s cybersecurity effort was built upon the prior legislative work of key members of Congress. Senate Homeland Security and Government Affairs Committee Chairman Joseph Lieberman (I-Conn.) and Ranking Member Susan Collins (R-Maine), along with Subcommittee Chairman Tom Carper (D-Del.), introduced the Cyber Security and Internet Freedom Act of 2011 (S. 413) in February. Similar to the President’s proposal, S. 413 would direct DHS to become involved in securing critical infrastructure from online threats and improving information sharing.

Senate Judiciary Chairman Patrick Leahy’s (D-Vt.) Personal Data Privacy and Security Act (S. 1151) contains language that mirrors the administration’s proposal to create national standards for data breach notification and new tools to combat cybercrime.

Other legislative proposals on cybersecurity and online crime may also be considered by this Congress. The Senate Judiciary Committee recently approved Chairman Leahy’s PROTECT IP Act (S. 968), which gives the Department of Justice and other law enforcement new powers to enforce copyright and trademark law against “rogue” and “pirate” websites that offer unlicensed copies of protected content or sell illegal knock-offs of brand-name goods.

NLC’s National Municipal Policy supports federal efforts to address cyberspace crimes such as Web piracy, which has a detrimental impact on jobs and the economy.

NLC has also stated its concerns regarding the use of the Internet to circumscribe prescription drug laws. The bill has significant bipartisan support with more than 20 cosponsors.

The Senate Commerce, Science, and Transportation Committee has also invested significant time on the issue of cybersecurity, holding hearings last week on online consumer privacy and data security. It is likely that Senate Commerce, Science, and Transportation Committee Chairman John D. Rockefeller IV (D-W.Va.) will contribute to any comprehensive cybersecurity legislation that passes the Senate.

NLC’s PSCP Committee intends to propose a resolution on cybersecurity and online criminal activity at the 2011 Congress of Cities.