Cybersecurity

White House backs CISA's privacy provisions

photo credit: Sean Lyngaas

At a recent event, the White House's Michael Daniel said the administration wants to ensure that the final cybersecurity information-sharing law contains "very robust privacy provisions."

The White House is defending the privacy protections in a Senate-passed cybersecurity bill despite a string of privacy-focused amendments being voted down.

The Cybersecurity Information Sharing Act that the Senate passed Oct. 27 includes a "number of very key privacy provisions and use of limitations on how that cybersecurity information can be used," said White House Cybersecurity Coordinator Michael Daniel.

The House passed two cybersecurity bills that would govern the sharing of threat indicators and information between government and the private sector. As the Senate and House go to conference on the various information-sharing bills, "the administration will be pushing to ensure that there are very robust privacy provisions" in the final product, added Daniel, who spoke Nov. 4 at a Council on Foreign Relations conference in Washington.

Privacy has long been a point of contention in efforts to pass legislation that would make it easier for companies to share cyberthreat information among themselves and with the government.

In January, White House officials released a legislative proposal for information sharing that they touted as privacy friendly by emphasizing that it stripped personal information out of the "threat indicators" shared with the government. The version of CISA passed by the Senate guards against the disclosure of threat indicators that contain personal information and includes a requirement for the timely destruction of personal information known not to be relevant to cyberthreats.

But multiple amendments dealing with privacy failed to pass the Senate last month, including a measure sponsored by Sen. Ron Wyden (D-Ore.) designed to provide an additional layer of protection for personal data contained in threat indicators.

Some privacy groups responded to the bill's passage with indignation; the Center for Democracy and Technology called it a huge step backward for American privacy rights.

"I think the privacy groups are going to weigh in very heavily in this conference committee, and I expect them to and I hope they do," said Rep. Michael McCaul (R-Texas), chairman of the House Homeland Security Committee, at the Council on Foreign Relations event.

An amendment sponsored by Sen. Tom Cotton (R-Ark.) that failed to pass with CISA is "going to be a big issue in conference," McCaul added.

That amendment would have included the FBI and the Secret Service as information-sharing channels with the private sector, whereas CISA leaves that job to the Department of Homeland Security. The White House strongly objects to those exceptions to DHS as the hub for information sharing, but McCaul said a House bill that will be part of the reconciliation process contains language similar to the Cotton amendment.

Daniel also said the administration was not likely to reverse its decision to stop pursuing a legislative solution to law enforcement concerns about end-to-end encryption on mobile devices.

"We don't see much value in pursuing that course right now, and I don't think that that's going to change anytime soon," Daniel said.

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


Featured

  • Cybersecurity
    malware detection (Alexander Yakimov/Shutterstock.com)

    Microsoft targets copycat influence websites

    Microsoft went to court to take down websites it believes to be part of a foreign intelligence operation targeting conservative think tanks and the U.S. Senate.

  • Cybersecurity
    secure network

    FAA explores shifting its network to FISMA high

    The Federal Aviation Administration is exploring an upgrade to the information security categorization of IT systems as part of air traffic control modernization.

  • Cybersecurity
    Shutterstock photo id 669226093 By Gorodenkoff

    The disinformation game

    The federal government is poised to bring new tools and strategies to bear in the fight against foreign-backed online disinformation campaigns, but how and when they choose to act could have ramifications on the U.S. political ecosystem.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.