Yesterday, the White House released a Statement of Administration Policy in which the Administration informed the House Permanent Select Committee on Intelligence, and the public, “if [H.R. 624 Cyber Information Sharing and Protection Act (CISPA)], as currently crafted, were presented to the President, his senior advisors would recommend that he veto the bill.” While many of the White House’s suggestions to improve privacy protections in the Bill have been making headlines, one line in particular caught my attention. In its recommendations on how CISPA should be improved, the White House made the following statement
Further, the legislation should also explicitly ensure that cyber crime victims continue to report such crimes directly to Federal law enforcement agencies, and continue to receive the same protections that they do today.
If Congress takes the President’s above recommendation seriously, it will be interesting to see what kind of language could be added to the bill that would “explicitly ensure” that “victims continue to report” cyber crimes to Federal law enforcement agencies. For more context, I have the entire paragraph below, or feel free to read the entire statement.
H.R. 624 appropriately requires the Federal Government to protect privacy when handling cybersecurity information. Importantly, the Committee removed the broad national security exemption, which significantly weakened the restrictions on how this information could be used by the government. The Administration, however, remains concerned that the bill does not require private entities to take reasonable steps to remove irrelevant personal information when sending cybersecurity data to the government or other private sector entities. Citizens have a right to know that corporations will be held accountable--and not granted immunity--for failing to safeguard personal information adequately. The Administration is committed to working with all stakeholders to find a workable solution to this challenge. Moreover, the Administration is confident that such measures can be crafted in a way that is not overly onerous or cost prohibitive on the businesses sending the information. Further, the legislation should also explicitly ensure that cyber crime victims continue to report such crimes directly to Federal law enforcement agencies, and continue to receive the same protections that they do today.
0 comments:
Post a Comment