White House, lawmakers resume cybersecurity bill talks

SAN FRANCISCO Sat Mar 2, 2013 4:24am IST

U.S. Representative Mike Rogers (R-MI) (left) talks to reporters at the U.S. Capitol in Washington December 31, 2012. REUTERS/Jonathan Ernst/Files

U.S. Representative Mike Rogers (R-MI) (left) talks to reporters at the U.S. Capitol in Washington December 31, 2012.

Credit: Reuters/Jonathan Ernst/Files

Related Topics



SAN FRANCISCO (Reuters) - U.S. House Intelligence Committee Chairman Mike Rogers said on Friday negotiations with the White House on a new cybersecurity bill have resumed, and the two sides are not "that far apart" after making progress this week.

The Michigan Republican told Reuters that both sides are "very close" on agreeing about the roles that the Department of Homeland Security and other government agencies would play to better defend against cyber attacks.

They are also negotiating ways to minimize the transfer and use of personal information from companies to the government, Rogers said. No written drafts have been exchanged, the talks are informal and no deal is imminent, a committee staffer said.

In a joint interview with the senior Democrat on his committee, Dutch Ruppersberger, Rogers said the talks have been aided by increasing concerns about the costs of cyber attacks.

"What helped is that The New York Times, Washington Post and Wall Street Journal were all hacked and they talked about it publicly," Rogers said. "It is starting to raise awareness. I can feel movement."

Though thousands of important companies have been losing data to hackers in China and elsewhere for a decade, the number of companies publicly admitting such breaches has been growing. Apple (AAPL.O), Microsoft (MSFT.O), Twitter, and Facebook (FB.O) confirmed attacks in a recent campaign.

Rogers said both sides of the talks and an expanding part of the public understand that the likelihood of a devastating destructive attack is growing as the list of cyber powers lengthens to include actors like Iran.

He said he had "a high degree of confidence" that Iran was behind the August 2012 attack on Saudi Aramco that crippled some 30,000 PCs.

He also blamed Iran for a campaign against banks in recent months with what are known as denial-of-service attacks, which have disrupted access to some websites, and he said more intrusive or destructive hacking could follow.

"That's a probing action," said Rogers, who is privvy to classified intelligence reports. "We know it's not the best they have to offer.

"You have this non-rational actor that has the capability to cause chaos to people's networks and could be economically destructive."

The joint bill by Rogers and Ruppersberger emphasizes sharing threat information among companies and the government. It passed the Republican-dominated House last year, but failed in the Democrat-controlled Senate after administration objections.

The White House wants a more comprehensive bill that also sets minimum security standards for vitally important companies. But Ruppersberger said last month's executive order on that issue eased some pressure to include such provisions.

A second gulf between the parties has been over the personal information on customers and users that would be turned over to the government.

The current House bill would give broad protection from lawsuits to companies that surrender user data believed to be related to "threats" to their networks to DHS, which could then share it with intelligence agencies that could use it for other national security matters.

But Rogers said the personal information was not essential. "Candidly, you don't need a lot of personal information to fight the threat," he said, adding that details of new malicious software was essential.

Ruppersberger, of Maryland, said companies complained that they had no way to "minimize" personal information attached to "millions of conversations" and that they were working through that issue in the White House talks.

Their comments follow an interview with White House cybersecurity policy adviser Michael Daniel on Monday at the same RSA conference, the largest annual gathering of security professionals.

Daniel told Reuters then that the administration would identify its goals for a new law within two months.

Only after a law passes to shore up defense, the House members said, can the country focus on building support among allies to confront economic espionage from China and others.

(Reporting by Jim Finkle and Joseph Menn; Editing by Tiffany Wu and Leslie Gevirtz)


Reuters Showcase

Putin Critic Killed

Putin Critic Killed

Russians march in memory of murdered Putin critic.  Full Article 

Pakistan's First Win

Pakistan's First Win

Irfan bounces Zimbabwe out as Pakistan claim first win.  Full Article 

Budget 2015

Budget 2015

Full coverage of 2015/16 budget.  Full Coverage 

Hacked to Death

Hacked to Death

Bangladesh pays tribute to U.S. blogger killed in machete attack.  Full Article 

The Apple Car

The Apple Car

Apple car rumours fuel Geneva debate about car of future.  Full Article 

Movie Review

Movie Review

"Dum Laga Ke Haisha" is rooted in reality, writes Shilpa Jamkhandikar.  Full Article | Related Story 

Crowded Market

Crowded Market

China's Huawei enters smartwatch frenzy with round-face models.  Full Article 

Lathmar Holi

In Pics: Lathmar Holi

Images of "Lathmar Holi" at Nandgaon in Uttar Pradesh.  Full Coverage 

World Cup 2015

World Cup 2015

Full coverage of cricket world cup in Australia and New Zealand.  Full Coverage 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device.  Full Coverage