- Gentlemen, start your drones: Judge’s ruling opens door for commercial use
- Soldier who hid, bragged about not saluting flag to be punished — in secret
- ‘Maverick’ of the seas: ‘Top Gun’ school for U.S. ship officers to launch
- Putin declares Sochi Paralympics open amid Ukrainian protest
- ‘In Jesus name, we pray’ sparks ire at Ohio council meeting
- Navy’s first laser weapon ready for prime time; drone killer to deploy this summer
- Billionaire backer: Rick Santorum ‘needs to be heard’ in 2016
- Obamacare fallout: 49 percent pessimistic; 45 percent ‘scared’
- DHS accused of holding U.S. citizen at airport, using emails to pry into her sex life
- Seattle socialist: Minimum-wage discussion skewed by ‘right-wing’ GAO analysis
House panel OKs cybersecurity bill; opponents fear more monitoring of Internet
Opponents of a bill to let private companies share cybersecurity information with the federal government vowed Thursday to continue their fight, saying the proposed law would lead to broader government monitoring of the Internet.
The American Civil Liberties Union opposes the bill because “Companies can still share personal information with each other or the government [and] military agencies like the NSA are still allowed to collect American Internet information,” ACLU legislative attorney Michelle Richardson said.
The House Permanent Select Committee on Intelligence approved the bill 18-2 at a closed-door markup Wednesday, after adopting amendments designed to assuage fears that the proposal would allow broad government monitoring of domestic electronic communications and scoop up the private data of Americans for analysis by the National Security Agency.
The bill now is expected on the House floor as early as next week, according to congressional staff.
“This is not a surveillance bill,” said Rep. Mike Rogers, Michigan Republican and committee chairman. “This bill does not allow the NSA or any government agency to plug into domestic networks and listen in.”
During the two-hour-plus meeting, the committee rejected two amendments supported by Internet civil liberties advocates and proposed by the two Democrats who ended up voting against the bill — Reps. Adam B. Schiff of California and Janice D. Schakowsky of Illinois.
The Schiff amendment would have required companies sharing cybersecurity information — for instance, samples of network traffic data in real time — to make “reasonable efforts (which may include automated processes)” to strip out the personally identifiable or private data of individuals “unrelated to a cyberthreat.”
Mr. Schiff expressed disappointment that his amendment was voted down.
“It is not too much to ask that companies make sure they aren’t sending private information about their customers, their clients and their employees to intelligence agencies, along with genuine cybersecurity information,” he said in a statement.
The Software and Information Industry Association, which represents the big companies that make software, games and other digital content, opposed the amendment.
Mr. LeDuc offered as an example data tracing a hacker’s route into a compromised network, which might include his impersonating or taking over the machine of a person at the company to get access to the system. That trace data might contain names and passwords belonging to innocent third parties, Mr. LeDuc said.
Committee staffers said lawmakers had adopted a different amendment, one that would require the government to strip out personal data.
The amended bill would “require government to establish procedures to minimize the [cybersecurity threat] information they receive of any” personally identifying information, said Rep. C.A. Dutch Ruppersberger of Maryland, the committee’s ranking Democrat. His district includes NSA’s headquarters at Fort Meade.
He and Mr. Rogers spoke with reporters on a conference call this week ahead of the closed-door session.
“The government is best placed to do the minimization,” a committee staffer added. The bill would offer companies the chance to voluntarily minimize out personal data, the staffer said, and companies probably would want to do so because of “concern about their reputation.”
The Schakowsky amendment would have made the Department of Homeland Security the lead federal agency for collecting information from and sharing it with the private sector.
“Our bill is silent on where companies go to get the [cybersecurity threat] information back to the government,” said the committee staffer, adding it would be up to the Obama administration to define which agency or agencies played that role.
Critics are concerned that the lead will end up with the government agency that has the greatest resources and the most skilled employees in the arena of cybersecurity — the highly secretive and enormously powerful NSA.
But he said the NSA likely would play a major role.
“If you don’t have the capability of the NSA, taking that information from the Iranians and the North Koreans and others, and allowing that to get back into the system, it’s worthless. And if you want the gold-standard protection from cyberattacks, the NSA has to be at least somewhere. They don’t have to get it, they don’t have to be the lead in it, but they’re the ones that have the capability,” Mr. Rogers said.
“The effect of that is to shift the control of the cyberprogram from civilian hands to a secretive military agency,” said Greg Nojeim, senior counsel at the Center for Democracy and Technology. “It’ll be very difficult for there to be any transparency or any accountability if that shift happens.”
Other amendments supported by Mr. Rogers and Mr. Ruppersberger and passed by the committee would limit companies’ use of cyberthreat information they receive from the government and other companies strictly for cybersecurity purposes. This would “address concerns that they might use it for marketing or other noncybersecurity purposes,” according to Mr. Rogers. And another gives the privacy officers of all the agencies involved additional oversight authority.
Congress has struggled and failed for years to pass broad cybersecurity legislation to protect nationally vital computer and communications networks such as the phone system or the computer systems of major banks from infiltration and attack by hackers, criminals, and even foreign espionage or military agencies.
But the Cyber Intelligence Sharing and Protection Act (CISPA), its authors say, would remove legal barriers that stop private-sector network owners and federal agencies from sharing real-time data with one another so online intruders or attackers can be detected and thwarted.
CISPA has “very narrowly drawn authorities with no room for misuse or abuse,” Mr. Rogers said.
The Obama administration threatened to veto a similar bill with the same name during the election campaign last year, citing privacy concerns, but the authors say they have been working to address the concerns of the White House.
“We’re closer on some [issues] and haven’t gotten close on others,” Mr. Rogers said.
Many technology firms and industry groups support the proposed new law, including AT&T, IBM, the U.S. Chamber of Commerce and Comcast, according to Maplight, a nonprofit that tracks lobbying expenditures and political donations.
Collectively, the bill’s supporters gave more than $3.25 million to members of the intelligence committee between July 2010 and July 2012, Maplight reported after analyzing federal data.
By contrast, the groups opposing the bill gave $212,208 over the same period.
However, as Maplight point out, more recent figures might tell a different story.
“Several major web companies that had supported the bill in the last session of Congress (Facebook, Microsoft, and others) have withdrawn their support for the bill this session, citing concerns about privacy,” Maplight notes.
Mr. Schiff called on the House leadership, who now must schedule a floor debate and decide which amendments will be considered, “to ensure that we have a full and open debate and that my amendment, and others to make a real difference in protecting privacy and civil liberties, receive an up or down vote on the House floor.”
© Copyright 2014 The Washington Times, LLC. Click here for reprint permission.
About the Author
Shaun Waterman is an award-winning reporter for The Washington Times, covering foreign affairs, defense and cybersecurity. He was a senior editor and correspondent for United Press International for nearly a decade, and has covered the Department of Homeland Security since 2003. His reporting on the Sept. 11 Commission and the tortuous process by which some of its recommendations finally became ...
- Senator's memo shows Iran links in Homeland Security's troubled immigration program
- Help wanted: Homeland Security plagued by vacancies at the top
- Dems back bill to fix problems in investor visa program
- Democrats proceed with Mayorkas vote despite pending investigation
- Game players don't think peace has a chance in Syria
Latest Blog Entries
TWT Video Picks
Taxpayers must pay the freight for over-budget train projects
- Kim Jong-un calls for execution of 33 Christians
- Rand Paul wins 2014 CPAC straw poll, Ted Cruz finishes a distant second
- U.S. pilot scares off Iranians with 'Top Gun'-worthy stunt: 'You really ought to go home'
- Russias Putin nominated for Nobel Peace Prize
- CPAC 2014 straw poll results
- EDITORIAL: As jobs vanish, Obama wants more of same
- DHS accused of holding U.S. citizen at airport, using emails to pry into her sex life
- Putin has transformed Russian army into a lean, mean fighting machine
- Stolen European passports on Malaysian Airlines Boeing 777
- Bill Clinton poses for photo with Bunny Ranch prostitutes
Pope Francis meets his 'mini-me'
Celebrity deaths in 2014
Winter storm hits states — again