Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
House Intelligence Committee Chairman Mike Rogers (R-Mich.) and Ranking Member C. A. “Dutch” Ruppersberger (D-Md.) Feb. 13 reintroduced cybersecurity legislation (H.R. 624) that the panel approved in the previous Congress.
Under the “Cyber Intelligence Sharing and Protection Act,” the federal government would be given new authority to share classified cybersecurity threat information with certified companies. Companies could, on a voluntary basis, share information about cyberthreats with the federal government and other companies. The bill would shield companies that acted in good faith from certain liability.
The bill also would provide privacy and civil liberties protections, according a joint Feb. 13 statement by Rogers and Ruppersberger. Among other measures, the bill includes “[n]arrow definitions that permit only the voluntary sharing by the private sector of a limited category of information--cyber threat information--and only for cybersecurity purposes” and “strict restrictions on the government's use, retention, and searching of any data voluntarily shared by the private sector,” according to the statement.
“American businesses are under siege,” House Intelligence Chairman Mike Rogers (R-Mich.) said in the statement. “We need to provide American companies the information they need to better protect their networks from these dangerous cyber threats. It is time to stop admiring this problem and deal with it immediately.”
Rogers is one of several committee chairmen in both the House and Senate who have made cybersecurity a high priority in the current Congress (12 PVLR 237, 2/11/13).
“We need to do everything we can to enable American companies to defend themselves against these devastating cyber attacks,” Ruppersberger said in the statement announcing the bill. “Our bill does just that by permitting the voluntary sharing of critical threat intelligence while preserving important civil liberties.”
Meanwhile, President Obama Feb. 12 signed an executive order directing federal agencies to develop voluntary cybersecurity standards for critical parts of the private sector and to consider proposing new mandates where possible under existing law (see related report).
The bill is identical to H.R. 3523, which was introduced in the previous Congress, Rogers and Ruppersberger said. The House approved H.R. 3523, but it faced a veto threat and was not taken up by the Senate (11 PVLR 721, 4/30/12).
The White House favored a more comprehensive bill (S. 3414) introduced by a group of committee chairmen in the Senate, which would have established cybersecurity standards for the private sector, among other provisions. However, Republicans and Democrats clashed over the measure, and efforts to craft a compromise failed (11 PVLR 1680, 11/19/12).
In a Feb. 13 letter to Rogers and Ruppersberger, a coalition of organizations, including the U.S. Chamber of Commerce, expressed support for the reintroduced bill.
“This legislation is necessary to create a powerful sea change in the current information sharing practices between government and the business community that reflects the conditions of an increasingly digital world,” the letter said. “Our organizations have consistently supported legislation that would put timely, reliable, and actionable information into the hands of business owners and operators so that they can better protect their systems and assets against nefarious actors, including rogue individuals, organized criminals, and groups carrying out state-sponsored attacks.”
In addition to providing privacy and civil liberties protections, the organizations said, the measure “provides the needed legal certainty that threat and vulnerability information voluntarily shared with the government would be provided safe harbor against the risk of frivolous lawsuits, would be exempt from public disclosure, and could not be used by officials to regulate other activities.”
Full text of H.R. 624, as introduced, is available at http://op.bna.com/pl.nsf/r?Open=kjon-94wm9c.
Full text of the coalition's letter is available at http://op.bna.com/pl.nsf/r?Open=kjon-94wmry.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)