US Cyber Security Bills

In a story published by the Associated Press on April 29, 2012 it said the House Republicans and Democrats expressed optimism Friday about sending a cyber security bill to President Obama this year. The House delivered a bipartisan vote (248 to 168) on April 26 for the Cyber Intelligence Sharing and Protection Act despite a White House veto threat. The bill would encourage companies and the federal government to share information collected on the Internet to help prevent electronic attacks from cyber criminals, foreign governments and terrorists. The House also approved 3 other less-divisive cyber-related bills including one on April 27 (395 to 10 vote) that improves coordination between the private and public sectors on research and development on cyber security. “Four bills coming out of the House with strong majorities, I really think the burden is on the Senate to do something. They can do big bills, small bills, it really doesn’t matter. Just do something” said Representative Mac Thornberry (R-Texas). The House bill would impose no new rules on businesses, a Republican imperative. In the Senate several Democrats and Republicans prefer a bill by Senators Joseph I. Lieberman (I-Connecticut.) and Susan Collins (R-Maine) that would give the Department of Homeland Security the primary role in overseeing domestic cyber security and the authority to set security standards. The House bill does not give Homeland Security that authority. The White House favors the Senate measure. The Senate could act as early as next month on the legislation although it’s uncertain what might emerge in light of internal Senate disputes. House members hope disagreements on a final bill could be settled by a House-Senate conference committee, if not earlier. “We have a bill; now we start resolving the issues,” said Representative C.A. Dutch Ruppersberger of Maryland, the House Intelligence Committee’s top Democrat. He said he has talked to both the White House and top members of the Senate intelligence panel about moving forward. More than 10 years after the terrorist attacks of September 11, 2001 lawmakers describe it as an initial step to deal with an evolving threat in the Internet age. “We really don’t have a choice to sit still because our adversaries are not sitting still,” said Representative Adam B. Schiff (D-California) in an interview Friday. Schiff, a member of the intelligence panel said he didn’t think the House and Senate were far apart and expected the various factions to resolve such thorny issues as strengthening privacy protections, whether the government can require the private sector to take steps to protect infrastructure and the role of Homeland Security. House Speaker John A. Boehner (R-Ohio) challenged the administration’s approach, he said “The White House believes the government ought to control the Internet, government ought to set standards and government ought to take care of everything that’s needed for cyber security. They’re in a camp all by themselves.” The House bill would allow the government to relay cyber threat information to a company to prevent attacks from Russia or China. In the private sector corporations could alert the government and provide data that could stop an attack on the country’s water supply or the banking system. Faced with widespread privacy concerns, Representative Mike Rogers (R-Michigan), chairman of the House Intelligence Committee, and Ruppersberger pulled together an amendment that limits the government’s use of threat information to 5 specific purposes: cyber security; investigation and prosecution of cyber security crimes; protection of individuals from death or serious bodily injury; protection of minors from child pornography; and the protection of national security. The White House along with a coalition of liberal and conservative groups and some lawmakers strongly opposed the bill complaining that privacy could be violated. They argued that companies could share an employee’s personal information with the government and the data could end up in the hands of officials from the National Security Agency or the Defense Department. They also challenged the bill’s liability waiver for private companies that disclose information, complaining that it was too broad. Despite the objections Thornberry said he didn’t take the veto threat seriously. “I cannot conceive of a president vetoing a bill on an issue that they talk about as being this serious, dealing with a part of the issue they support. They support information-sharing” he said.

Back in January 2012 the House passed the Stop Online Privacy Act-HR 3261 that was described as “The worst proposed internet law in American history” and an “Internet Blacklist Bill”; because of protests Congressmen withdrew their support and killed the bill. At this time the Senate had SB 968-The Protect IP Act (Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011–PIPA) that would shut down an online domain if any copyright material was obtained online without the permission of the material’s owner; it was a re-write of the Combating Online Infringement and Counterfeits Act (COICA) which failed to pass in 2010. On January 18 (same day as the Wikipedia blackout) senators introduced the Online Protection and Enforcement of Digital Trade Act (OPEN) which offered more protection than SOPA to sites accused of hosting pirated content, it also beefed up the enforcement process and would allow digital rights holders to bring cases before the US International Trade Commission (ITC), an independent agency that handles trademark infringement and other trade disputes.

It’s obvious that this issue is not over.