CybersecurityBipartisan cybersecurity measure to be introduced in Congress

Published 14 October 2013

Senator Saxby Chambliss (R-Georgia) last week said he was “very close” to introducing legislation which would encourage the private sector and government agencies to share information regarding cyberattacks. Chambliss has proposed a government “portal,” operated by DHS, to handle information coming from the private sector. Privacy advocates welcome the proposal for a civilian agency like DHS to operate the information sharing “portal” (in earlier versions of proposed cybersecurity legislation, the NSA was tasked with a similar coordinating responsibility).

The tenses debates over the budget continuing resolution and raising the debt limit have brought other legislative initiatives to a halt, but at least cybersecurity legislation appears to be moving forward.

Senator Saxby Chambliss (R-Georgia) last week said he was “very close” to introducing legislation which would encourage the private sector and government agencies to share information regarding cyberattacks. The bill would be the Senate’s version of the House’s Cyber Intelligence Sharing and Protection Act (CISPA). Chambliss and Senate Intelligence Committee chairwoman Dianne Feinstein (D-California), have been working with CISPA authors, Representatives Mike Rogers (R-Michigan) and Dutch Ruppersberger (D-Maryland).

If the Senate pass Chambliss’s bill, there is an opportunity for the two bills to be merged. The leaks by Edward Snowden about NSA surveillance activities delayed the Senate’s work on cybersecurity legislation. “If we had not been interrupted by the NSA revelations by Mr. Snowden and the need for [Foreign Intelligence Surveillance Act] reform, I think we probably would have been there because that was next on our plate,” Chambliss said at an event at the Newseum hosted by Politico.

The Hill reports that the proposed cybersecurity bill would encourage companies to share information regarding cyber attacks with each other and the government without fear of liability. The bill will also allow government agencies to share more information with the private sector. President Obama has threatened to veto CISPA because it was deemed to be lacking adequate privacy safeguards, but he has urged Congress to pass a cyber information-sharing legislation. Privacy advocates are concerned that CISPA would encourage Internet companies like Google and Yahoo to release users’ information to the NSA and other government agencies.

Chambliss has proposed a government “portal,” operated by DHS, to handle information coming from the private sector. Privacy advocates welcome the proposal for a civilian agency like DHS to operate the information sharing “portal” (in earlier versions of proposed cybersecurity legislation, the NSA was tasked with a similar coordinating responsibility). Chambliss emphasized, though, that the NSA should also have access to the private sector data despite the negative response the NSA has received due to the Snowden leaks. “You can’t have protection from a cybersecurity standpoint without the NSA being integrally involved,” he said. “I mean, they’re the experts.”

Chambliss also acknowledged that the Snowden leaks have undermined trust in the NSA.

We’ve got to restore that trust somehow,” he told the Hill.