"Imposing cybersecurity standards on non-critical systems can divert attention away from actions that are central to the functioning of American society and public safety while posing a negative impact on free expression, privacy, business operating costs and innovation in digital services," Lofgren wrote in a letter to White House Cybersecurity Coordinator Michael Daniel.
"Cybersecurity standards for non-critical systems is better addressed through a transparent legislative process that affords technical experts and the public adequate opportunity for input," she added.
After Congress failed to pass legislation on cybersecurity this year, the White House moved ahead and drafted an executive order aimed at protecting the nation's critical infrastructure from cyberattack. The draft order tracks closely with a measure in a cybersecurity bill by Sen. Joe Lieberman (I-Conn.) that would establish a voluntary program in which companies would elect to verify that their computer systems and networks meet a set of security standards developed, in part, by the government.
Lofgren, whose district is home to tech companies like eBay and PayPal, has long cautioned against policies that would disrupt the tech industry and stunt innovation.
"Targeting the executive order to critical infrastructure will allocate agency resources more efficiently, minimize conflicting regulatory requirements, and address the most acute threats to public safety," Lofgren said.
Her concerns are similar to those voiced by Sen. Ron WydenRon WydenOvernight Finance: U.S. preparing cases linking North Korea to theft at NY Fed | GOP chairman says Dodd-Frank reform still a 2017 priority Dem senator: House Intel chairman may have revealed classified info US Chamber urges quick vote on USTR nominee Lighthizer MORE (D-Ore.) in a letter sent to Daniel earlier this month. In the letter, Wyden argued that e-commerce, social networking and search networks are unlikely to pose threats to national security and should be excluded from the executive order.