Republicans Pledge to Work With Obama on Cybersecurity

The Telecommunications Law Resource Center is the most comprehensive reference and news platform for communications law, covering broadcasting, cable, broadband, telephony and wireless;...

By Alexei Alexis

Jan. 13 — President Barack Obama’s effort to renew momentum for cybersecurity legislation has largely been welcomed by the Republican-controlled Congress, with Senate Majority Leader Mitch McConnell (R-Ky.) and a number of other key lawmakers announcing plans to work with the White House on the issue.

The president is seeking congressional action on a suite of legislative proposals, addressing such areas as cyberthreat data sharing between the government and private sector and data security breach notification to U.S. consumers. A key challenge in previous Congresses has been that multiple committees share jurisdiction over cybersecurity, McConnell told reporters Jan. 13.

“We're going to make another run at breaking through that problem, and getting something that the president can sign,” he said after a Senate Republican policy lunch.

Earlier in the day, McConnell and other congressional leaders met with Obama, at the president's request, to talk about a range of matters, including cybersecurity.

House Speaker John Boehner (R-Ohio) indicated during the meeting that Republicans are ready to work on putting some “common-sense” cybersecurity measures on the president’s desk, according to a statement issued by the congressman's office.

“Unfortunately, some of those measures never went anywhere in the Democratic-controlled Senate,” the statement said.

In the previous Congress, the House passed a controversial bill that would have provided liability protection to companies that share cyberthreat information with the federal government, but a similar bill was stalled in the Senate.

Obama ‘Confident' on Outlook

After his Jan. 13 meeting with congressional leaders, Obama said he was “confident” that bipartisan cybersecurity legislation can be crafted soon.

“We're going to keep on working with Congress to get this done, and in the meantime, we're going to do everything we can with our existing authorities to make sure industry gets the information it needs to better defend itself,” Obama said during a speech at the Department of Homeland Security.

The administration's cybersecurity effort comes in the wake of a number of high-profile data breaches, including a recent attack on the computer networks of Sony Pictures Entertainment.

Obama is calling for the current Congress to act on an updated version of a cybersecurity legislative proposal that was unveiled by his administration in 2011. The new package includes provisions to encourage the private sector to share cyberthreat data with the DHS National Cybersecurity and Communications Integration Center (NCCIC), which would then disseminate the information “in as close to real-time as practicable” to relevant federal agencies and to private sector-led information sharing and analysis organizations (ISAOs), by providing “targeted liability protection” for companies that share information with such entities, according to a White House fact sheet released Jan. 13.

The proposal would safeguard Americans’ personal privacy by requiring private entities—as a condition of qualifying for liability protection—to comply with certain restrictions, such as removing unnecessary personal data and taking measures to protect any personal information that is shared, the administration said.

Proposed White House Provisions

The president's package also includes provisions to give law enforcement new tools to fight cybercrime. The legislation would, for example, criminalize the overseas sale of stolen U.S. financial information, such as credit card and bank account numbers; expand federal law enforcement authority to deter the sale of spyware used to stalk or commit identity theft; and give courts the authority to shut down “botnets” engaged in distributed denial-of-service attacks and other criminal activity. Another piece of the legislation would establish a national standard for data security breach notification to consumers in an effort to curb identity theft and harmonize existing state laws.

The White House also announced that it will hold a Feb. 13 Summit on Cybersecurity and Consumer Protection at Stanford University to “help shape public and private sector efforts to protect American consumers and companies from growing threats.”

The summit is expected to bring together major stakeholders on cybersecurity and consumer financial protection issues, and include White House and administration officials as well as representatives from the financial services industry, technology and communications companies, computer security companies and the retail industry.

Sen. John Thune (R-S.D.), chairman of the Senate Commerce, Science and Transportation Committee, told reporters Jan. 13 that he was hopeful for progress on data breach legislation, despite challenges in the past.

“I think the House will move fairly early on that, and I think there will be pretty good, bipartisan support here in the Senate,” he said.

Cyberthreat information sharing is expected to be a top focus of the Senate Homeland Security and Governmental Affairs Committee and the House Homeland Security Committee, according to a Jan. 13 statement issued by the chairmen and ranking members of the panels.

“My committee is currently working on cybersecurity legislation to remove any unnecessary legal barriers for the private sector to share cyber threat information,” House Homeland Security Committee Chairman Michael McCaul (R-Texas) said in a statement.

To contact the reporter on this story: Alexei Alexis in Washington at

To contact the editor responsible for this story: Heather Rothman at

The White House fact sheet is online at: