House Homeland Security Leaders Introduce Cybersecurity Legislation

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

Dec. 11 --Leaders of the House Homeland Security Committee Dec. 11 introduced a bipartisan bill (H.R. 3696) to address cyberattacks on the nation's banking system, energy pipelines, telecommunications networks and other “critical infrastructure.”

Information Sharing Programs

The National Cybersecurity and Critical Infrastructure Protection Act of 2013 would codify the Department of Homeland Security's role as a central point for cyberthreat information sharing between the federal government and private sector, while prohibiting any new regulations from the agency.

H.R. 3696 would amend the Homeland Security Act, 6 U.S.C. § 101, to clarify and expand its scope to cover cybersecurity issues.

The bill would task the secretary of homeland security with creating new public-private threat assessment information sharing programs but specifically states that DHS cannot require businesses to adopt its recommendations.

The proposed law would task other federal agencies to address specific critical infrastructure sectors and create a coordinating council including private sector stakeholders.

H.R. 3696 would also bolster cybersecurity safeguards and processes to protect information maintained by the federal government and focus on improving federal cybersecurity staffing.

Technology Liability Protection

In addition, the measure would amend the Support Anti-Terrorism by Fostering Effective Technologies (SAFETY) Act, 6 U.S.C. § 441, to give companies the opportunity to obtain new liability protections in the area of cybersecurity.

According to DHS, the goal of the existing SAFETY Act is “to encourage the development and deployment of effective anti-terrorism products and services by providing liability protections.” It provides liability protection for companies that implement anti-terrorism technologies.

H.R. 3696 would expand existing liability protections for providers of “Qualified Anti-Terrorism Technologies” to add “cybersecurity” defense technologies to its protections.

Bipartisan Bill Sponsors

“Americans could be greatly harmed by a cyber assault on our nation's power supply, water or banking systems,” House Homeland Security Committee Chairman Michael McCaul (R-Texas) said in a Dec. 11 statement announcing the proposal.

The bill is co-sponsored by Rep. Bennie Thompson (D-Miss.), the committee's ranking member, and by Reps. Patrick Meehan (R-Pa.) and Yvette Clarke (D-N.Y.), the chairman and ranking member of the Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies.

McCaul is one of several key members of Congress who made cybersecurity a top priority at the beginning of the year.

The bill was referred to House committees on: Homeland Security; Science, Space, and Technology; and Oversight and Government Reform.

H.R. 3696, as introduced, is available at