President Barack Obama’s administration threatened to veto a cybersecurity bill set for a House vote this week, saying it would erode privacy safeguards and not do enough to protect critical U.S. systems.
The administration “strongly opposes” the Cyber Intelligence Sharing and Protection Act in its current form and Obama’s senior advisers would recommend that he veto the measure, according to a policy statement from the Office of Management and Budget today.
The bill, introduced by Representative Mike Rogers, a Michigan Republican who’s chairman of the House Intelligence Committee, would encourage the government and companies to voluntarily share information on cyber threats. It would give companies immunity from civil and criminal actions arising from the exchange of such data. The bill is endorsed by House Republican leaders and scheduled for a House vote on April 27.
“H.R. 3523 fails to provide authorities to ensure that the nation’s core critical infrastructure is protected while repealing important provisions of electronic surveillance law without instituting corresponding privacy, confidentiality and civil liberties safeguards,” the administration said in the statement.
Civil liberties groups have said the Rogers bill would give the government too much access to people’s personal data and doesn’t limit uses of that information.
Obama advisers including Howard Schmidt, the White House cybersecurity coordinator, have said information-sharing alone cannot provide adequate protection against hackers and spies. The White House supports a bill from Senator Joseph Lieberman, a Connecticut Independent, that would put the Department of Homeland Security in charge of regulating cybersecurity of the nation’s vital systems and networks such as power grids.
“The basis for the administration’s view is mostly based on the lack of critical-infrastructure regulation, something outside of our jurisdiction,” Rogers and the House Intelligence Committee’s senior Democrat, C.A. “Dutch” Ruppersberger of Maryland, said in an e-mailed statement.
The lawmakers said the bill’s sponsors agreed yesterday to amendments that “address nearly every single one of the criticisms leveled by the administration, particularly those regarding privacy and civil liberties of Americans.”
Ruppersberger is a co-sponsor of the legislation along with more than 100 other House members from both parties.
‘Bridge Too Far’
The American Civil Liberties Union, which took part in a Web protest last week against the Rogers bill, known as CISPA, said it agreed with the Obama administration.
“The White House is right: CISPA threatens fundamental notions of privacy and without a substantial rewrite should be voted down,” Michelle Richardson, the ACLU’s legislative counsel, said in an e-mail. “The Obama administration has endorsed the Patriot Act and other wiretapping laws. It speaks volumes that even they oppose this bill as a bridge too far.”
Asked about Obama’s veto threat, House Speaker John Boehner, an Ohio Republican, told reporters today that the president wants to put “the government in charge of the Internet.”
The Rogers information-sharing bill is one of four cybersecurity measures scheduled for House votes this week. The chamber is set to vote tomorrow on bills on updating federal information-security controls and coordinating government research and development on cybersecurity. The Rogers measure may be voted on April 27.
Lieberman and three other sponsors of his proposed legislation said in an e-mailed statement they “are disappointed that none of the House bills addresses the most glaring vulnerability in our cyber defenses: adequately protecting our most critical, privately-owned infrastructure.”
Lieberman, Republican Susan Collins of Maine and Democrats Jay Rockefeller of West Virginia and Dianne Feinstein of California also said that “the Senate is committed to passing comprehensive cybersecurity legislation because the threat we face to our economic and national security demands it.”
The Lieberman bill is S. 2105.