Commerce Committee Chairman John D. (Jay) Rockefeller IV, D-W.Va., Homeland Security and Governmental Affairs Committee (HSGAC) Chairman Joe Lieberman, ID-Conn., HSGAC Ranking Member Susan Collins, R-Maine, and Select Intelligence Committee Chairman Dianne Feinstein, D-Ca., sent a letter to the U.S. Chamber of Commerce responding to the Chamber's mischaracterizations about the revised Cybersecurity Act of 2012.
The text of the letter is as follows:
Thomas J. Donohue
President and Chief Executive Officer
U.S. Chamber of Commerce
1615 H Street, NW
Washington, DC 20062
Dear Mr. Donohue:
We are deeply disappointed with the Chamber of Commerce's mischaracterizations about the revised Cybersecurity Act of 2012 (S. 3414) that were included in a letter the Chamber sent to the United States Senate this week.
We are baffled that the Chamber opposes our voluntary, incentives-based approach to protecting our nation's critical infrastructure. A voluntary framework as proposed in the Cybersecurity Act of 2012 is the very framework your organization has championed. This approach was included as a recommendation in the March 8, 2011, white paper entitled "Improving our Nation's Cybersecurity through the Public-Private Partnership," coauthored by the Chamber and other industry groups. The recommendation stated, "government and industry must develop a menu of market incentives that government can put in place to motivate companies to voluntarily adopt additional security practices and technology investments." We have moved to a voluntary approach after extensive discussion with your organization, other private companies, and other members of the Senate.
In another example, your letter expresses concern that S. 3414 would eliminate the ability of non-civilian federal entities such as the Department of Defense and the National Security Agency to receive cybersecurity information directly from the private sector, including your membership. Section 707(a)(4) of S.3414 makes clear that such existing and future information sharing can continue if members of the Chamber want to continue to send information directly to the NSA. The attached document corrects other significant mischaracterizations your letter made about S. 3414.
Over the course of the last three years, as we have worked toward a compromise on cybersecurity legislation, the threat of a cyber attack against our country has grown even more serious. Now is the time for the Senate to finish this legislation, so the country can begin addressing its cyber vulnerabilities. Given the cyber attacks that have affected the Chamber's own control over the information of its members, we would have hoped that you would have an appreciation for the threat to the national and economic security of our nation. With this new approach, we believe that organizations like yours should support the legislation, and we are hopeful that the information we are providing demonstrates that your characterizations and concerns are unfounded.
We met with Chamber representatives earlier today and have solicited input in the form of specific legislative text. We remain hopeful that you will partner with us in this important work.
Senator John D. (Jay) Rockefeller IV
Senator Joe Lieberman
Senator Susan Collins
Senator Dianne Feinstein