sailingaway
07-12-2012, 10:32 AM
No great surprise:
Thank you for your letter about the "Cyber Intelligence Sharing and Protection Act" (H.R. 3523). I appreciate your taking the time to write and welcome the opportunity to respond.
The Cyber Intelligence Sharing and Protection Act passed the House of Representatives on April 29, 2012. The bill would, among other things, establish procedures to allow the Intelligence Community to share cyber threat intelligence with the private sector. On May 7, 2012, the bill was referred to the Senate Intelligence Committee, which I chair.
I agree with the authors of the House bill that our nation faces a serious and growing threat from cyber attack and espionage—threats to both our national security and our economy. Effective cybersecurity requires that the information on cyber threats and defenses in our government's hands be passed to the private sector, and that information from industry be shared with the government.
That is why I authored the Cybersecurity Information Sharing Act of 2012 (S. 2102). That legislation—which became Title VII in the comprehensive Cybersecurity Act of 2012 (S. 2105) co-sponsored by Senators Susan Collins (R-ME), Joseph Lieberman (I-CT) and Jay Rockefeller (D-WV)—authorizes companies to monitor and defend their own networks. It establishes procedures for private sector companies to share cyber threat information with each other and with the federal government, and establishes procedures for the government to share classified cybersecurity threat information with certified private sector entities.
Importantly, however, the Cybersecurity Act of 2012 includes substantially more robust privacy protections, as well as better safeguards against the private sector abusing new information sharing authorities, than the bill the House passed.
In particular, our legislation narrowly defines cybersecurity information that can be shared; places limits on how that information can be used by the government; requires that government bodies for collecting and sharing information be civilian institutions; and prevents any information to be shared or government action to be taken based on activities that are protected under the Constitution. I have worked closely with privacy and civil liberty organizations to draft the legislation, and have continued to make changes to the bill to ensure proper protections are in place.
Like you, I recognize that cybersecurity is a very serious issue. We must ensure our national security, and at the same time, protect our civil liberties and our fundamental rights to privacy and free speech. Determining the best way to strike that balance will require careful consideration, and I will certainly keep your views in mind as the debate on this issue advances.
Once again, thank you for your letter. I am pleased that you are engaged in this important issue and hope you continue to inform me of issues that matter to you. If you have any additional questions or concerns, please do not hesitate to contact my office in Washington, D.C. at (202) 224-3841, or visit my website at h ttp://feinstein.senate.gov.
Sincerely yours,
Dianne Feinstein
United States Senator
Thank you for your letter about the "Cyber Intelligence Sharing and Protection Act" (H.R. 3523). I appreciate your taking the time to write and welcome the opportunity to respond.
The Cyber Intelligence Sharing and Protection Act passed the House of Representatives on April 29, 2012. The bill would, among other things, establish procedures to allow the Intelligence Community to share cyber threat intelligence with the private sector. On May 7, 2012, the bill was referred to the Senate Intelligence Committee, which I chair.
I agree with the authors of the House bill that our nation faces a serious and growing threat from cyber attack and espionage—threats to both our national security and our economy. Effective cybersecurity requires that the information on cyber threats and defenses in our government's hands be passed to the private sector, and that information from industry be shared with the government.
That is why I authored the Cybersecurity Information Sharing Act of 2012 (S. 2102). That legislation—which became Title VII in the comprehensive Cybersecurity Act of 2012 (S. 2105) co-sponsored by Senators Susan Collins (R-ME), Joseph Lieberman (I-CT) and Jay Rockefeller (D-WV)—authorizes companies to monitor and defend their own networks. It establishes procedures for private sector companies to share cyber threat information with each other and with the federal government, and establishes procedures for the government to share classified cybersecurity threat information with certified private sector entities.
Importantly, however, the Cybersecurity Act of 2012 includes substantially more robust privacy protections, as well as better safeguards against the private sector abusing new information sharing authorities, than the bill the House passed.
In particular, our legislation narrowly defines cybersecurity information that can be shared; places limits on how that information can be used by the government; requires that government bodies for collecting and sharing information be civilian institutions; and prevents any information to be shared or government action to be taken based on activities that are protected under the Constitution. I have worked closely with privacy and civil liberty organizations to draft the legislation, and have continued to make changes to the bill to ensure proper protections are in place.
Like you, I recognize that cybersecurity is a very serious issue. We must ensure our national security, and at the same time, protect our civil liberties and our fundamental rights to privacy and free speech. Determining the best way to strike that balance will require careful consideration, and I will certainly keep your views in mind as the debate on this issue advances.
Once again, thank you for your letter. I am pleased that you are engaged in this important issue and hope you continue to inform me of issues that matter to you. If you have any additional questions or concerns, please do not hesitate to contact my office in Washington, D.C. at (202) 224-3841, or visit my website at h ttp://feinstein.senate.gov.
Sincerely yours,
Dianne Feinstein
United States Senator