House Intelligence chairman aims for cybersecurity bill markup in April

SAN FRANCISCO — House Intelligence Committee Chairman Mike Rogers (R-Mich.) said Friday he is aiming to wrap up talks with the White House and privacy advocates about measures in his information-sharing cybersecurity bill by April so it can move to a markup.

"We're still negotiating a lot of little pieces of the bill with privacy groups and the White House, and we're having great conversations with both Democrat and Republican senators now, so I'm hoping to have that wrapped up by April, where we can actually move a product in April," Rogers said in an interview with The Hill at the RSA cybersecurity conference in San Francisco.

ADVERTISEMENT
The Intelligence Committee Chairman and ranking member Rep. Dutch Ruppersberger (D-Md.) re-introduced a cybersecurity bill this month, the Cyber Intelligence Sharing and Protection Act (CISPA), that is designed to remove the legal hurdles preventing private companies and the government from sharing intelligence about cyber threats with one another in real time.

Last year the White House issued a veto threat the day before the bill went to the House floor for a vote, arguing that it lacked sufficient privacy protections and measures addressing security gaps in the computer systems of critical infrastructure. The bill ultimately passed the House last spring and went untouched in the Senate.

Rogers said the recent talks with the White House have been encouraging and that the release of President Obama's cybersecurity executive order this month is a positive political development for the information-sharing bill.

"We're negotiating, we're talking, which is better than what happened last year, and I'm encouraged by that," he said. "Here's the good news, everybody agrees that we need an information-sharing [measure] now. The executive order, I think, takes pressure off the Senate from having to pass a infrastructure standards mandate or bill. That's great. 

"That means the one thing we can get bipartisan agreement on is this cyber sharing portion. I think it actually increases our chances of getting a product to the president's desk for signature."

In their talks with the White House about the bill, the House Intelligence Committee leaders are discussing whether companies should be required to strip personally identifiable information from cyber threat data they share with the government, Ruppersberger said in a separate interview.

"We're going to try to do what we can to deal with the issue," he said. " I think if we can resolve this, we can probably get a bill passed. You're not going to please everybody, but I think we can get a bill." 

Rep. Adam Schiff (D-Calif), a member of the Intelligence Committee, has said he may offer an amendment to the bill that would require companies to take "reasonable steps" to minimize the personal information in the cyber threat data they relay to the government.

Both lawmakers said they are still open to discussions about ways to boost the privacy protections in the bill, but they defended the steps they took last year to add more privacy safeguards to it. They also stressed that the bill passed the House with support from both parties.

"Part of my role is to deal with the privacy issues, and I feel we have done this in the bill," Ruppersberger said.

The two lawmakers also said the U.S. government should step up efforts to confront China about its campaign to steal intellectual property from American companies via hacker attacks.  

"If they truly want to be an international player, they have to stop acting like a thief in the night, and we need to make that point," Rogers said.

He said among possible diplomatic tools that could be used against Chinese hackers are visa restrictions, an option mentioned by White House cyber chief Michael Daniel at the RSA conference on Thursday.

"They need to understand there are consequences for that kind of behavior and that is not being a good international citizen," Rogers said.