Related Stories

  • ACLU: Obama's cybersecurity executive order is privacy-friendly
    President Obama has signed an executive order to protect US critical infrastructure from cyberattacks by improving cybersecurity information sharing between the government and owners/operators of the nation’s critical infrastructure. Meanwhile, the US House of Representatives is reintroducing the Cyber Intelligence Sharing and Protection Act (CISPA), which passed the House during the last Congress but failed to gain traction in the Senate. According to the ACLU, when it comes to privacy, one of these things is not like the other.
  • CISPA to return this Wednesday
    On Friday, House Intelligence Committee Chairman Mike Rogers (R-Mich) and ranking member Rep Dutch Ruppersberger (D-Md) announced their intention to re-introduce the Cyber Intelligence Sharing and Protection Act (CISPA) on Wednesday, 13 February.
  • New EU cyber security directive (a European CISPA) expected within weeks
    On December 18, 2012, EU Commissioner Neelie Kroes announced her ‘digital to-do list’ for 2013-2014, one of which is to ‘propose EU cyber-security strategy and Directive’. The draft directive is now in circulation and will likely be presented later this month or early next.
  • Senator warns Cybersecurity Act has same privacy problems as CISPA
    Sen. Ron Wyden (D-Ore.) has come out against the Democratically sponsored Cybersecurity Act, comparing it to the controversial Cyber Intelligence Sharing and Protection Act (CISPA) in terms of privacy concerns.
  • In rare display of action, House passes CISPA, FISMA overhaul bills
    Who says Congress doesn’t do anything? It turns out the US House was able to debate the controversial Cyber Information Sharing and Protection Act (CISPA), consider all of the proposed amendments, and pass the bill, along with a bill to overhaul the Federal Information Security Management Act (FISMA) last Thursday.

Top 5 Stories


House, Obama Administration nearing an agreement on CISPA

04 March 2013

US House of Representatives Intelligence Committee Chairman Mike Rogers (R-Mich.) said that his committee’s negotiations with the White House on a new cybersecurity bill have resumed, with a draft for markup on target to appear in April.

"We're still negotiating a lot of little pieces of the bill with privacy groups and the White House, and we're having great conversations with both Democrat and Republican senators now, so I'm hoping to have that wrapped up by April, where we can actually move a product in April," Rogers told the Hill.

A new version of the Cyber Intelligence Sharing and Protection Act (CISPA) was introduced in the House by Rogers and ranking member Rep. Dutch Ruppersberger (D-Md) last month. A similar joint bill passed the House last year, but died in the Senate amid administration objections.

The bill is primarily an information-sharing initiative, which would make it easier for private corporations and government entities to share information on threats, attacks and remedies in order to shore up defenses. However, at issue is the scope of the roles that the Department of Homeland Security and other government agencies would have, and how personal information will be used and protected.

The House bill as written would offer broad protection from lawsuits to companies that give over user data to the Department of Homeland Security, which in turn would share it with intelligence agencies on a need-to-know basis. But parsing out user data only related to specific threats is an onerous process for companies, requiring significant IT investment. Plus, it is likely that a good amount of unrelated personal information could slip through the reporting cracks, which has opened up questions of privacy.

"Candidly, you don't need a lot of personal information to fight the threat," Rogers told Reuters.

Rogers said the talks have been spurred along by recent high-profile hacks at venerable institutions like the New York Times, and major technology companies like Apple and Facebook.

"What helped is that the New York Times, Washington Post and Wall Street Journal were all hacked and they talked about it publicly," Rogers said. "It is starting to raise awareness. I can feel movement."

Rogers also said that state-sponsored cyber-terrorism activity is forcing everyone’s hands. For instance, he has "a high degree of confidence" that Iran was behind the recent spate of attacks on financial institutions as well as the August 2012 attack on Saudi Aramco that took out 30,000 PCs.

"You have this non-rational actor that has the capability to cause chaos to people's networks and could be economically destructive,” Rogers said.

This article is featured in:
Compliance and Policy  •  Industry News  •  Internet and Network Security  •  Public Sector  •  Security Training and Education


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×