This morning Congressman Scott Peters (CA-52) voted in favor of H.R. 624 "The Cyber Intelligence Sharing and Protection Act,' which passed the House of Representatives with 288 votes in favor and 127 against on a bipartisan basis.
"Daily attacks are being made by foreign governments and organized and individual criminals who are trying to hack into U.S. computer systems to harm our nation or to steal valuable personal or patented technologies from American citizens and companies," said Peters.
"Today's action helps protect us against cyber attacks that could cripple our infrastructure and our national security, and cost our country untold amounts of money and jobs," he said. "It's important for us to act before, not after, a devastating attack that would leave us wishing we had acted sooner."
Peters said that San Diego is positioned to play a role in the future of the Cyber Intelligence field, as it continues to become a necessary priority for our national defense and business success. As a center for technology and research in the public, private, and defense sectors, San Diego will be at the heart of the nascent cyber security industry as it develops strategies to protect the interests of American consumers and commercial entities into the future.
Peters explained the bill passed today is the culmination of years of work to balance privacy and security concerns. Since this bill's reintroduction from the last congress, the intelligence committee worked extensively with privacy groups, members of Congress, and a variety of private sector companies and organizations to address their concerns. As a result, privacy protections and important oversight mechanisms are in place to ensure that the bill's personal information authorities are limited and used properly.
Improvements added in last week's mark up and on the floor today include:
-The government is now required to eliminate any personal information it receives that is not necessary to understand the cyber threat.
-An expansion of privacy protections and oversight requirements by adding an extra layer of review by the Privacy and Civil Liberties Oversight Board, requiring senior privacy officials from the government agencies to complete annual reviews evaluating the cyber threat information sharing regime's effect on privacy.
-Eliminating the national security use exception. The government now cannot retain or use a company's cyber threat information for anything other than cyber security purposes, investigating and prosecuting cyber security crimes, protection of minors, and protection of individuals from bodily harm.
-Prohibiting the government from using personal information from library and book records, gun sales, tax records, educational records, and medical records.
-There was also an amendment creating a five-year expiration of the legislation to allow for adequate review of provisions in the future.
These changes narrowed the bill's definitions and addressed a number of privacy concerns.
"This bill is a necessary step to ensure that the United States works to protect itself from an increasingly hostile cyber world," said Peters. "We must continue to work to improve our national defense in this emerging field while protecting the privacy of all Americans."