WASHINGTON – With China in the spotlight for allegedly spying on U.S. computer networks, House lawmakers said Monday they will revive legislation that would let industry and the federal government swap information on the latest cyber threats.
The proposal is backed by industry because it would give them legal immunity when hacked, so long as they can prove they acted in good faith to protect their computer networks. The bill also would grant companies access to some threat data that's now classified.
But privacy advocates have been determined to block the bill, which they say would open America's private Internet records like bank accounts and emails to agencies like the FBI and National Security Agency.
Reps. Mike Rogers of Michigan and Dutch Ruppersberger of Maryland said they think the bill will win enough support if they make minor tweaks including dropping a provision that would have let the government use threat data for general national security proposes. While national security lawyers claimed the provision would have given them much needed flexibility as technology evolves, privacy groups said the bill was dangerously broad and would have paved the way for government abuse.
"We understand there are some perception issues," Ruppersberger, D-Md., told reporters in a press call Monday.
Ruppersberger is the top ranking Democrat on the House Intelligence Committee, while Rogers is the GOP chairman. The committee plans to mark up the bill in a private meeting on Wednesday with the expectation of a House floor vote next week.
But while Rogers and Ruppersberger said they are optimistic about the bill's prospects - both cited recent public accusations from private security firms that the Chinese government is rummaging through American computers to steal trade secrets - the legislation's fate is unclear. The Senate hasn't written a companion bill, and the White House last year sided with privacy advocates in alleging the legislation went too far.
Rogers said the revised bill should address many of the issues raised last year by the White House. In addition to dropping the national security provision, the bill now includes a requirement that the government strip out any personal information from data obtained from the private sector. And, the revised bill makes clear that companies can only use the information they get from the government to protect their networks, not for marketing or any other unrelated function.
"We're wide open to constructive suggestions to help clarify the bill," said Rogers, R-Mich. But the sheer volume of threats and the recent focus on China's hacking attempts "will help move people along," he later added.