Panel OKs bill that would increase cybersecurity oversight

The bill would require the administration to provide documents about each program’s legal justification and certifications of its legality

The Senate Select Intelligence Committee has approved a bill that would require the president to notify Congress about existing and new cybersecurity programs that involve personally identifiable information (PII).

The bill, which also would fund some programs for fiscal 2010, would require the administration to provide documents about each such program’s legal justification, certifications of its legality, concepts of operations, privacy impact statements, and plans for independent audits or reviews of the program.

The requirements would apply to cybersecurity programs involving PII in which an agency is the intended recipient of e-mail messages or other electronic communication, with at least one of these situations to apply:

  • It uses another agency or department, such as the Homeland Security or Defense departments, to screen PII.
  • The agency transfers PII to another agency or department for cybersecurity purposes.
  • The agency transfers PII to an element of the intelligence community.

The committee said in its report explaining the bill, dated July 22, that the measure's provisions sought to set up a “preliminary framework for executive and congressional oversight to ensure that the government’s national cybersecurity mission is consistent with legal authorities and preserves reasonable expectations of privacy.”

The committee said the requirements intentionally exclude routine firewalls and antivirus programs that could be considered cybersecurity programs. It also said the requirements pertain to governmentwide cybersecurity programs.

“These types of programs pose challenging new legal and privacy questions that make congressional and executive branch oversight particularly important,” the report said.

About the Author

Ben Bain is a reporter for Federal Computer Week.

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.