National Security Council spokeswoman Caitlin Hayden said that cybersecurity legislation should include strong privacy protections and should set mandatory security standards for critical infrastructure systems, such as electrical grids and water supplies, according to a statement by Hayden obtained by The Hill newspaper.
The purpose of the legislation, according to proponents, is to enable participating businesses to share cyber threat information with others in the private sector and enable the private sector to share information with the government on a voluntary basis in order to combat cyber espionage and intellectual property theft.
However, Hayden stressed that “critical infrastructure cyber vulnerabilities will not be addressed by information sharing alone. Also, while information sharing is an essential component of comprehensive legislation to address critical infrastructure risks, information sharing provisions must include robust safeguards to preserve the privacy and civil liberties of our citizens. Legislation without new authorities to address our nation’s critical infrastructure vulnerabilities, or legislation that would sacrifice the privacy of our citizens in the name of security, will not meet our nation's urgent needs.”
The statement was issued following a classified briefing for House members by top White House officials.
"The classified briefing was intended to provide all House members with an appreciation for the cyber threat facing the nation as they consider new legislative authorities that could help the US government prevent and more quickly respond to cyber intrusions and attacks", Hayden explained.
The House is expected to vote on CISPA next week.