Cybersecurity

White House backs CISA's privacy provisions

photo credit: Sean Lyngaas

At a recent event, the White House's Michael Daniel said the administration wants to ensure that the final cybersecurity information-sharing law contains "very robust privacy provisions."

The White House is defending the privacy protections in a Senate-passed cybersecurity bill despite a string of privacy-focused amendments being voted down.

The Cybersecurity Information Sharing Act that the Senate passed Oct. 27 includes a "number of very key privacy provisions and use of limitations on how that cybersecurity information can be used," said White House Cybersecurity Coordinator Michael Daniel.

The House passed two cybersecurity bills that would govern the sharing of threat indicators and information between government and the private sector. As the Senate and House go to conference on the various information-sharing bills, "the administration will be pushing to ensure that there are very robust privacy provisions" in the final product, added Daniel, who spoke Nov. 4 at a Council on Foreign Relations conference in Washington.

Privacy has long been a point of contention in efforts to pass legislation that would make it easier for companies to share cyberthreat information among themselves and with the government.

In January, White House officials released a legislative proposal for information sharing that they touted as privacy friendly by emphasizing that it stripped personal information out of the "threat indicators" shared with the government. The version of CISA passed by the Senate guards against the disclosure of threat indicators that contain personal information and includes a requirement for the timely destruction of personal information known not to be relevant to cyberthreats.

But multiple amendments dealing with privacy failed to pass the Senate last month, including a measure sponsored by Sen. Ron Wyden (D-Ore.) designed to provide an additional layer of protection for personal data contained in threat indicators.

Some privacy groups responded to the bill's passage with indignation; the Center for Democracy and Technology called it a huge step backward for American privacy rights.

"I think the privacy groups are going to weigh in very heavily in this conference committee, and I expect them to and I hope they do," said Rep. Michael McCaul (R-Texas), chairman of the House Homeland Security Committee, at the Council on Foreign Relations event.

An amendment sponsored by Sen. Tom Cotton (R-Ark.) that failed to pass with CISA is "going to be a big issue in conference," McCaul added.

That amendment would have included the FBI and the Secret Service as information-sharing channels with the private sector, whereas CISA leaves that job to the Department of Homeland Security. The White House strongly objects to those exceptions to DHS as the hub for information sharing, but McCaul said a House bill that will be part of the reconciliation process contains language similar to the Cotton amendment.

Daniel also said the administration was not likely to reverse its decision to stop pursuing a legislative solution to law enforcement concerns about end-to-end encryption on mobile devices.

"We don't see much value in pursuing that course right now, and I don't think that that's going to change anytime soon," Daniel said.

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.