Cybersecurity Bill Gets House Approval

According to a nextgov.com article, a cybersecurity bill was unanimously approved by the House Intelligence Committee last Thursday. The bill would increase computer data sharing between the government and the private sector and there are of course concerns about the bill’s effect on government surveillance – but all the same, the panel moved the measure forward in a closed session a mere two days after introducing it. Next Gov notes this is a sign of how urgently lawmakers in both parties want to move the bill to the floor.

The bill’s goal is to get companies to voluntarily share with the government more “cyberthreat indicators” a.k.a. computer data that has to do with cybersecurity. The idea is to entice companies to do this by offering them greater liability protections.

Here’s an excerpt from the article for more details:

By sharing and analyzing greater amounts of data, backers of the bill say, government agencies and businesses can more effectively detect, minimize, and possibly even prevent debilitating hacks like the one that recently crippled Sony Pictures.

"This bill will help defend U.S. networks against a wide array of cybercriminals who are becoming more active and more threatening every day," Devin Nunes, the Republican chairman of the panel, said in a statement. "It's a bipartisan approach with strong privacy protections that will have a deep impact on this growing problem."

President Obama and congressional leadership in both parties began the year underscoring cybersecurity as one of a small handful of policy areas where bipartisan consensus could realistically be achieved. Now it appears that both chambers of Congress are poised to move forward on information-sharing legislation quickly in April after lawmakers return from the two-week spring recess, although the White House has yet to offer any endorsement.

But privacy advocates continue to worry that the legislation will grant the government more ways to spy on Americans, and many have signaled they will refuse to back any information-sharing proposal before Congress overhauls the National Security Agency's mass spying operations. Key provisions of the post-9/11 USA Patriot Act that authorize the agency's bulk collection of U.S. call data are due to sunset on June 1, but lawmakers have so far not reintroduced reform legislation that narrowly failed to survive Congress late last year.

To quell fears, the House bill specifies that private companies must make reasonable attempts to scrub any personally identifiable information before handing it over to the government. After intake, the civilian agency collecting the data must complete another round of scrubbing private data before the data can be shared with the NSA or the Defense Department.

In addition, the House measure contains three sections that explicitly prohibit the use of data collected through the information-sharing regime for any government surveillance purposes. The panel also adopted one manager's amendment on Thursday to satisfy privacy concerns raised by the White House and some members of the committee.

Despite those safeguards, the bill has its detractors. Robyn Greene, policy counsel at New America's Open Technology Institute, said in a statement this week that the language "will significantly increase cybersurveillance, and it may even undermine cybersecurity rather than enhance it."

But the privacy community's resistance to the House measure has been more muted than it was against the Senate bill passed earlier this month, signaling that the language may be closer to where even some civil-liberties groups can get on board. Still, many of those groups would like to see NSA reform come first or see it combined with information-sharing in a broad package—a possibility Nunes roundly dismissed.

 

For the rest of the article, click here: http://www.nextgov.com/cybersecurity/2015/03/house-advances-cybersecurity-bill-despite-surveillance-fears/108544/