Senate Cybersecurity Bill in the WorksBipartisan Measure Addresses Cyberthreat Info Sharing
Two key Senators are circulating a draft of cybersecurity legislation designed to promote the sharing of cyberthreat information by offering liability protection.
See Also: 2016 State of Threat Intelligence Study
Senate Intelligence Committee Chairman Dianne Feinstein, D-Calif., and Vice Chairman Saxby Chambliss, R-Ga., on April 30 issued a statement regarding the progress of the bill they've been working on.
"We have worked together for months to draft a bill that allows companies to monitor their computer networks for cyber-attacks, promotes sharing of cyberthreat information and provides liability protection for companies who share that information," the senators say.
"After reaching agreement on draft legislation, we circulated that draft bill language to relevant parties in the executive branch, private industry and the privacy community for comment," they say. "Once those comments are returned, which we hope will happen quickly, we will consider the final legislation."
An official familiar with the matter says there's no timeline for when the bill will be introduced, saying that the legislation in present form is merely a "discussion draft."
House Intelligence Committee Chairman Mike Rogers, R-Mich., and Ranking Member C.A. "Dutch" Ruppersberger, D-Md., in an April 30 statement, commended the progress the senators are making on the bill.
"We applaud the work the Senate Intelligence Committee has done to move this vital legislation forward," the congressmen say. "We urge their Senate colleagues to work with them to get this bill passed through the Senate. Private hackers and countries like China, Russia and Iran pose a serious threat to American companies, networks and critical infrastructure. The House has already passed its cybersecurity legislation, and Congress as a whole must act to give these companies the help they need to defend their networks and our economic prosperity."
Cybersecurity Legislation Efforts
In April 2013, the House of Representatives approved by a 288-127 vote a bill known as the Cyber Intelligence Sharing and Protection Act (see: House Handily Passes CISPA). The measure - aimed at establishing a process for the federal government and businesses to share cyberthreat intelligence - has proven to be one of the more contentious cybersecurity bills Congress has considered.
The White House has threatened to veto CISPA. In May 2013, the Obama administration used a White House petition process to re-emphasize its opposition to CISPA (see: Obama Sides with Anti-CISPA Petitioners). The petition response, written by White House Cybersecurity Coordinator Michael Daniel and Federal Chief Technology Officer Todd Park, says that the Obama administration will vocally advocate for cybersecurity legislation that protects privacy, which it contends CISPA doesn't go far enough in doing. "It's important to keep in mind that there is a larger legislative process that is ongoing as we speak, including efforts in the Senate," Daniel and Park wrote.
Another major issue in the efforts to pass cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information (see: Why Congress Can't Pass Cyber Law).