White House, lawmakers resume cybersecurity bill talks

SAN FRANCISCO Sat Mar 2, 2013 4:24am IST

U.S. Representative Mike Rogers (R-MI) (left) talks to reporters at the U.S. Capitol in Washington December 31, 2012. REUTERS/Jonathan Ernst/Files

U.S. Representative Mike Rogers (R-MI) (left) talks to reporters at the U.S. Capitol in Washington December 31, 2012.

Credit: Reuters/Jonathan Ernst/Files

Related Topics

Stocks

   

SAN FRANCISCO (Reuters) - U.S. House Intelligence Committee Chairman Mike Rogers said on Friday negotiations with the White House on a new cybersecurity bill have resumed, and the two sides are not "that far apart" after making progress this week.

The Michigan Republican told Reuters that both sides are "very close" on agreeing about the roles that the Department of Homeland Security and other government agencies would play to better defend against cyber attacks.

They are also negotiating ways to minimize the transfer and use of personal information from companies to the government, Rogers said. No written drafts have been exchanged, the talks are informal and no deal is imminent, a committee staffer said.

In a joint interview with the senior Democrat on his committee, Dutch Ruppersberger, Rogers said the talks have been aided by increasing concerns about the costs of cyber attacks.

"What helped is that The New York Times, Washington Post and Wall Street Journal were all hacked and they talked about it publicly," Rogers said. "It is starting to raise awareness. I can feel movement."

Though thousands of important companies have been losing data to hackers in China and elsewhere for a decade, the number of companies publicly admitting such breaches has been growing. Apple (AAPL.O), Microsoft (MSFT.O), Twitter, and Facebook (FB.O) confirmed attacks in a recent campaign.

Rogers said both sides of the talks and an expanding part of the public understand that the likelihood of a devastating destructive attack is growing as the list of cyber powers lengthens to include actors like Iran.

He said he had "a high degree of confidence" that Iran was behind the August 2012 attack on Saudi Aramco that crippled some 30,000 PCs.

He also blamed Iran for a campaign against banks in recent months with what are known as denial-of-service attacks, which have disrupted access to some websites, and he said more intrusive or destructive hacking could follow.

"That's a probing action," said Rogers, who is privvy to classified intelligence reports. "We know it's not the best they have to offer.

"You have this non-rational actor that has the capability to cause chaos to people's networks and could be economically destructive."

The joint bill by Rogers and Ruppersberger emphasizes sharing threat information among companies and the government. It passed the Republican-dominated House last year, but failed in the Democrat-controlled Senate after administration objections.

The White House wants a more comprehensive bill that also sets minimum security standards for vitally important companies. But Ruppersberger said last month's executive order on that issue eased some pressure to include such provisions.

A second gulf between the parties has been over the personal information on customers and users that would be turned over to the government.

The current House bill would give broad protection from lawsuits to companies that surrender user data believed to be related to "threats" to their networks to DHS, which could then share it with intelligence agencies that could use it for other national security matters.

But Rogers said the personal information was not essential. "Candidly, you don't need a lot of personal information to fight the threat," he said, adding that details of new malicious software was essential.

Ruppersberger, of Maryland, said companies complained that they had no way to "minimize" personal information attached to "millions of conversations" and that they were working through that issue in the White House talks.

Their comments follow an interview with White House cybersecurity policy adviser Michael Daniel on Monday at the same RSA conference, the largest annual gathering of security professionals.

Daniel told Reuters then that the administration would identify its goals for a new law within two months.

Only after a law passes to shore up defense, the House members said, can the country focus on building support among allies to confront economic espionage from China and others.

(Reporting by Jim Finkle and Joseph Menn; Editing by Tiffany Wu and Leslie Gevirtz)

FILED UNDER:
Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.

  • Most Popular
  • Most Shared

Smartphone Wars

Reuters Showcase

Cloud Solutions

Cloud Solutions

Tencent teams up with IBM to offer business software over the cloud.  Full Article 

Cook Comes Out

Cook Comes Out

Apple's Cook: "I'm proud to be gay".  Full Article | Related Story 

 Rubin Quits

Rubin Quits

Android co-founder Andy Rubin to leave Google.  Full Article 

Glowing Flower

Glowing Flower

Video: Genetically altered glowing flower on display in Tokyo.  Video 

Web Fast Lanes

Web Fast Lanes

Comcast, AT&T seek to reassure on no plans for Internet 'fast lanes'.  Full Article 

Tech Reshuffle

Tech Reshuffle

Twitter product chief sidelined as user engagement slides.  Full Article 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device.  Full Coverage