Top House Dem: Cyber bill’s privacy concerns have been met

The House Intelligence Committee’s top Democrat believes privacy concerns will not get in the way of lawmakers moving soon on a bill to boost the public-private exchange of cybersecurity information.

“We are optimistic about where we are,” said Rep. Adam Schiff (D-Calif.) during an interview that aired Sunday on C-SPAN’s “Newsmakers.” “I think the vast majority of the privacy issues that have been raised have been met and we will still have a product that is effective to counter these attacks.”

{mosads}The House Intelligence Committee is expected to release any day a bill that would provide legal liability protections for companies sharing cyber threat data with the government.

The measure has been a top priority this year for many lawmakers, government officials and industry groups. They argue the bill is needed to shore up the nation’s weak cyber defenses against the rising tide of cyberattacks.

Prior efforts at passing such a bill have stalled over logistical disagreements and privacy concerns. Privacy advocates maintain the new law could give intelligence agencies another venue to collect Americans’ personal data.

But most observers agree that the current Congress, spurred by the massive cyberattack on Sony Pictures Entertainment, has the best chance yet of actually passing major cyber legislation.

The Senate Intelligence Committee recently approved, by a 14-1 vote, an its own cyber info-sharing bill, the Cybersecurity Information Sharing Act (CISA). Committee leaders said they are confident they’ve addressed the privacy sticking points. Privacy groups have strongly disagreed.

The House Intelligence Committee will this week unveil its counterpart legislation, which Schiff said will closely mirror the Senate’s effort.

And unlike in past years, Schiff believes both committees have a chance at getting their bills passed on the floor.

“Good news is, last year we were far apart on key issues and concerns, in the privacy community,” which is no longer the case, he said.

Lawmakers have agreed that the Department of Homeland Security (DHS), as a civilian agency, should be the lead on any public-private data exchange. There is agreement on Capitol Hill that personal information must be stripped out before the data is shared with the government, Schiff said.

“There has been a convergence between House and Senate Republicans and Democrats,” he said. “So we are ahead and it gives me confidence that we can move forward on a bill.”

Privacy advocates aren’t as sure. They point out that the Senate’s bill still allows for extensive data swapping between the DHS and intelligence agencies like the National Security Agency (NSA), in addition to some direct public-private exchange with the NSA. And they argue the mandate to strip personal information is too weak.

Schiff insisted the bill will not extend government surveillance.

“We do not want this to be a surveillance authority,” he said. “This is not a surveillance program. When you hear ‘information sharing’ it sounds like, ‘What kind of information is this?’ We are not interested in sharing people’s information. We are interested in the methods of attack.”

At a hearing last week, privacy security experts and industry witnesses backed Schiff, testifying that data on cyber threats often do not contain personal data.

How the debate plays out will be determined in the coming weeks. Both Senate and House Intelligence leaders want to get their bills to the floor sometime in April.