BREAK IN TRANSCRIPT
Mr. THORNBERRY. Madam Chair, I don't think we can say often enough how important it is that the chairman and ranking member have worked together, not only on the substance of this bill, but in the process of getting us here. They have, truly, put the country's interests first, and I think all Members should commend them for that.
This was a good bill when it was reported out of committee 17 1. I think it will be a better bill once the amendments are considered and adopted. And for any Member who has concerns about privacy or misuse of information, I think they should look at the amendments that are going to be adopted; and any reasonable concern, any semi-reasonable concern about privacy will be addressed with the limitations that those amendments add.
Madam Chair, this bill does not solve all the problems in cybersecurity. All four bills that we're considering today and tomorrow don't solve all the problems we have in cybersecurity. But it makes no sense to me, as some seem to have argued, that we should not solve this problem of information-sharing because we're not solving all the problems that somebody can see out there.
This problem of information-sharing has been central to cybersecurity concerns for some time. I happened across a report from December 2004 that was issued by a subcommittee I chaired of the Select Committee on Homeland Security, along with the gentlelady from California (Ms. Zoe Lofgren), where we wrote: Whether it is vulnerability assessments, threat warnings, best practices or emergency response, information-sharing with the private sector is critical to securing the United States from cyberattack. That was 8 years ago.
Why has it not occurred? Because all the legal obstacles, all the fear of being sued has prevented it from occurring. And that's what this bill does. It clears away the legal underbrush that has prevented the kind of information-sharing that people have been talking about for a decade.
This is a good, important step. It doesn't solve all the problems, but it puts more information at the disposal of critical infrastructure so that they can be protected. It should be adopted.
BREAK IN TRANSCRIPT