Intel chairman crafting plan to punish countries for stealing US trade secrets

House Intelligence Committee Chairman Mike Rogers (R-Mich.) is preparing a resolution that would punish countries for stealing intellectual property from American companies through online attacks.

The measure would be targeted at countries that give the stolen intellectual property to companies that are based within their borders or are subsidized by the government.

"There's a whole series of things that we can do and put on the table to show that there is a consequence for stealing intellectual property and trying to repurpose it for purposes of competition overseas," Rogers told reporters after a cybersecurity event sponsored by Covington & Burling.

ADVERTISEMENT
The push comes after Chinese hackers were accused of infiltrating American companies' computers to steal product blueprints and business trade secrets. Information security firm Mandiant released a report last month that said more than 100 U.S. companies have been targeted by an elite Chinese hacking unit based in Shanghai.

Rogers said he is aiming to put forward his measure next month, and is looking to include a provision that would impose visa restrictions for the theft of intellectual property from American companies. 

He stressed that he wants to ensure the plan would not negatively effect foreign trade and investment relations.

"We have to be really cautious about this. But if you look at it, there are some gaps that make us vulnerable to nation state, foreign intelligence services — both military and civilian — and a new growing group of cyber bounty hunters for intellectual property. ... We need to make sure we close that gap so we can continue promoting a free market between two nations," he said.

The proposal boasts support from both a Republican and Democratic lawmaker in the House, as well as a GOP member in the Senate.

The administration is eyeing the trade theft issue as well. During a conference in San Francisco last month, White House Cybersecurity Coordinator Michael Daniel said officials might consider financial sanctions, visa restrictions and military action as tools to use against foreign hackers who target U.S. networks. 

The White House has also toughened its stance towards China since the revelations about the hacking unit. Tom Donilon, the president's national security adviser, said in a speech earlier this month that U.S. officials have urged China to recognize the scope of the problem and take steps to address it.

The House is expected to vote on a set of cybersecurity-focused bills in mid-April. One of those bills would include the Cyber Intelligence Sharing and Protection Act (CISPA) by Rogers and Rep. Dutch Ruppersberger (D-Md.), which is aimed at removing the legal hurdles that prevent companies from sharing information about cyber threats with the government. 

The bill boasts support from a broad swath of industry sectors — including the telecommunications, banking and tech industries — but has stoked criticism from privacy and civil liberties groups.

Privacy advocates charge that CISPA lacks sufficient privacy protections for people's personal data and would increase the pool of Americans' electronic communications that flow to the intelligence community, including the secretive National Security Agency. 

The bill passed the House last spring but went untouched in the Senate, largely because it was working on its own comprehensive measure.

The White House issued a veto threat against CISPA before it was taken up on the House floor last year, saying the president's top advisers would recommend that he veto the bill if it came to his desk. The veto threat cited privacy concerns with the bill and said it failed to address security gaps that exist in the computer systems of key infrastructure.

The Intelligence Committee leaders and staff are still meeting with privacy groups and industry representatives to iron out remaining issues with the bill before it goes to markup next month, Rogers said.

During the event, Rogers attempted to allay the privacy concerns with the bill, stressing that it does not set up "a surveillance program" and is only focused on making it easier for industry and government to share information about malicious source code and other technical online threats.

"We want to make sure we meet the level of privacy concerns and we think we can do that," Rogers said.

He added that the bill has gained more Democratic support in the Senate than it did last year. Meanwhile, the Intelligence chairman said discussions with the White House are still ongoing and that he expects a "good outcome from that."

"We're working with them. In fact we had, I thought, a bit of a breakthrough this week on certain issues, not all the issues. I don't want to overstate where we are, but I think we've got them to a point where they're interested in working with us to get something that we can get signed into law," Rogers said.

"We've got better dialogue this year than we did last year," he added. "I expect a good outcome from that." 

This post was last updated at 12:15 p.m.