Democrat defends CISPA, points to 'rigorous privacy requirements'

By Brendan Sasso - 05/02/12 01:00 PM ET

Rep. Jim Langevin (D-R.I.) on Wednesday defended his vote for a controversial cybersecurity bill, saying the measure includes "rigorous privacy requirements."

The White House has threatened to veto the Cyber Intelligence Sharing and Protection Act (CISPA) over concerns that it would lead companies to hand over their customers' private information to government spy agencies.

The House approved CISPA last week on a vote of 248-168, with 42 Democrats supporting the bill and 28 Republicans opposed.

In a speech at a cybersecurity symposium in Rhode Island on Wednesday, Langevin said CISPA would help private companies protect their computer networks from hackers.

The bill would remove legal barriers that prevent companies from sharing cyber threat information with each other and with the government.

"CISPA creates a voluntary information sharing network, with rigorous privacy requirements in place, that will provide private sector and many critical infrastructure entities with classified threat information to allow them to better secure their networks," Langevin said. "It will also permit those entities to provide limited threat information back to the federal government, helping to provide situational awareness, or 'radar,' that we so desperately need to better understand the nature of the increasingly sophisticated threats arrayed against U.S. interests in cyberspace."

Langevin said he helped to add tougher privacy protections to the version of CISPA that passed the House last week.

"While I do not believe this legislation is perfect, and I hope to continue to work with privacy and civil liberties groups to allay their concerns, CISPA does represent a good-faith effort to come together in a first step towards better cybersecurity for our nation, and I was proud to co-sponsor and support this measure," he said.

But Langevin sided with the White House over their other main concern with CISPA — that the bill doesn't do enough to protect critical infrastructure.

Both the White House and Langevin argue that the government should set mandatory security standards for critical infrastructure, such as electrical grids, banks and chemical plants.

Langevin noted that he worked with Rep. Dan Lungren (R-Calif.) to draft the Precise Act, which includes the critical infrastructure mandates. But House Republican leaders have indicated they oppose any new regulations for cybersecurity and did not bring the Precise Act up for a vote.

"And so, to my great frustration, the need to comprehensively address the vulnerabilities in our critical infrastructure remains unaddressed," Langevin said.

The White House has endorsed a Senate cybersecurity bill backed by Sens. Joe Lieberman (I-Conn.) and Susan Collins (R-Maine) that includes tougher privacy protections and critical infrastructure mandates.

Langevin said he is hopeful that the passage of CISPA in the House "will spur the Senate to act on comprehensive cybersecurity legislation, such as that proposed by Senators Lieberman and Collins, that is so sorely needed."