Administration pushes against bipartisan House cybersecurity legislation

The White House issued a statement late Tuesday criticizing a House cybersecurity bill after top administration officials briefed lawmakers on the threat of cyber attacks. 

In a statement, National Security Council spokeswoman Caitlin Hayden said any cybersecurity legislation should include strong privacy protections and should set mandatory security standards for critical infrastructure systems, such as electrical grids and water supplies.

{mosads}The House is set to vote on the Cyber Intelligence Sharing and Protection Act (CISPA) next week. 

CISPA would encourage companies to share information about cyber threats, but the bill lacks any regulations for critical infrastructure companies and has drawn fire from privacy advocates. 

The American Civil Liberties Union, the Center for Democracy and Technology, the Electronic Frontier Foundation and other groups are leading a week of protests against CISPA, which they warn could lead companies to hand over private user information to spy agencies.

“The nation’s critical infrastructure cyber vulnerabilities will not be addressed by information sharing alone,” Hayden said. 

“Also, while information sharing legislation is an essential component of comprehensive legislation to address critical infrastructure risks, information sharing provisions must include robust safeguards to preserve the privacy and civil liberties of our citizens. Legislation without new authorities to address our nation’s critical infrastructure vulnerabilities, or legislation that would sacrifice the privacy of our citizens in the name of security, will not meet our nation’s urgent needs,” she said, without explicitly mentioning CISPA.

The statement followed a classified briefing for all members of the House led by Homeland Security Secretary Janet Napolitano, FBI Director Robert Mueller, National Security Agency Director Keith Alexander and Principal Deputy Director of National Intelligence Stephanie O’Sullivan.

The officials warned lawmakers that new regulatory powers are needed to protect the nation from devastating cyber attacks.

“The classified briefing was intended to provide all House Members with an appreciation for the cyber threat facing the nation as they consider new legislative authorities that could help the U.S. Government prevent and more quickly respond to cyber intrusions and attacks,” Hayden said.

The White House has endorsed a cybersecurity bill from Sens. Joe Lieberman (I-Conn.) and Susan Collins (R-Maine) that would give the Homeland Security Department the power to enforce cybersecurity standards for critical systems. The bill also includes more privacy protections than CISPA, such as requiring that companies strip out personally identifiable information from the data they turn over to the government. 

Critics of the Lieberman-Collins bill say it would impose unnecessary and burdensome regulations on businesses. 

Rep. Mike Rogers (R-Mich.), the sponsor of CISPA, expressed skepticism in a speech Tuesday morning that House Republicans would approve any bill that creates a new regulatory regime. He predicted supporters of the Lieberman-Collins bill are “going to have some difficulty” getting the legislation through the House.