One of the two chief initial architects of cybersecurity legislation on Capitol Hill is pushing back against renewed privacy concerns from civil libertarians working to stymie swift congressional action on the issue.
Rep. Dutch Ruppersberger, D-Md., said he and former Rep. Mike Rogers, R-Mich., who chaired the Intelligence Committee before leaving Congress at the end of the year, spent the last two years working with the American Civil Liberties Union and the White House troubleshooting privacy concerns.
A second version of the bill went further in addressing the privacy issues, he said, and passed the House last year with support on the left and the right and 288 votes at a time when very few bipartisan bills were gaining traction in the House.
“We wrote the [new version] of law based on addressing privacy concerns or we wouldn’t have passed it,” he told the Washington Examiner in a lengthy interview Tuesday evening.
Ruppersberger has reintroduced the bill earlier this month to try to build on the renewed interest and momentum.
After the Sony hacking incident and another Monday on the U.S. Central Command, President Obama is now pushing hard for the legislation after twice issuing veto threats against versions of the bill, which helped stall its progress in the Senate last year.
“There were veto threats on both of them, which was disappointing the second time because we worked hard, dealt with the privacy issues, we brought the ACLU to the table,” he said. “But now it’s to the point that this is serious and these attacks are real and we need to protect the American people and have checks and balances.”
“We have privacy groups overseeing our legislation — we have to move forward,” he added.
Along with the White House, a diverse group of lawmakers, including Sen. Patrick Leahy, D-Vt., and Sen. Rand Paul, R-Ky., opposed the legislation out of concern that it would allow the government to monitor citizens’ private information and allow companies to misuse it.
The privacy refinements require the Department of Homeland Security and the Department of Justice, rather than military or intelligence agencies such as the National Security Agency, to handle the data collection and serve as repositories of the digital information exchange.
As Sony executives have discovered after their emails went public after the hack, without security there is no privacy, Ruppersberger argued.
After the Sony attack and another on U.S. Central Command’s Twitter account Monday that the Islamic State of Iraq and Syria took credit for orchestrating, Ruppersberger said the administration and many other lawmakers realize that a balance needs to be struck between protecting consumers’ privacy and protecting companies from cyberassaults.
“I’m worried now that al Qaeda and the Islamic State are going to start hiring hackers to go attack the system. I think the American public now understands that the threat is real and we have to get this law passed,” he said.
Thousands of companies have been losing consumer data and other information to hackers in China and elsewhere, and the number of businesses affected has continued to grow over the last few years.
Proponents of the bill argue that Congress desperately needs to pass a new law to allow the government to share information about potential threats with entities that don’t have security clearances.
“Unfortunately, as the law is now when the intelligence community sees all these attacks coming, they can’t really warn people,” Ruppersberger said. “It’s like being a weather forecaster and seeing Hurricane Sandy coming to the East Coast and you can’t warn anybody.”
