White House, lawmakers resume cybersecurity bill talks

SAN FRANCISCO Sat Mar 2, 2013 4:24am IST

U.S. Representative Mike Rogers (R-MI) (left) talks to reporters at the U.S. Capitol in Washington December 31, 2012. REUTERS/Jonathan Ernst/Files

U.S. Representative Mike Rogers (R-MI) (left) talks to reporters at the U.S. Capitol in Washington December 31, 2012.

Credit: Reuters/Jonathan Ernst/Files

Related Topics

Stocks

   

SAN FRANCISCO (Reuters) - U.S. House Intelligence Committee Chairman Mike Rogers said on Friday negotiations with the White House on a new cybersecurity bill have resumed, and the two sides are not "that far apart" after making progress this week.

The Michigan Republican told Reuters that both sides are "very close" on agreeing about the roles that the Department of Homeland Security and other government agencies would play to better defend against cyber attacks.

They are also negotiating ways to minimize the transfer and use of personal information from companies to the government, Rogers said. No written drafts have been exchanged, the talks are informal and no deal is imminent, a committee staffer said.

In a joint interview with the senior Democrat on his committee, Dutch Ruppersberger, Rogers said the talks have been aided by increasing concerns about the costs of cyber attacks.

"What helped is that The New York Times, Washington Post and Wall Street Journal were all hacked and they talked about it publicly," Rogers said. "It is starting to raise awareness. I can feel movement."

Though thousands of important companies have been losing data to hackers in China and elsewhere for a decade, the number of companies publicly admitting such breaches has been growing. Apple (AAPL.O), Microsoft (MSFT.O), Twitter, and Facebook (FB.O) confirmed attacks in a recent campaign.

Rogers said both sides of the talks and an expanding part of the public understand that the likelihood of a devastating destructive attack is growing as the list of cyber powers lengthens to include actors like Iran.

He said he had "a high degree of confidence" that Iran was behind the August 2012 attack on Saudi Aramco that crippled some 30,000 PCs.

He also blamed Iran for a campaign against banks in recent months with what are known as denial-of-service attacks, which have disrupted access to some websites, and he said more intrusive or destructive hacking could follow.

"That's a probing action," said Rogers, who is privvy to classified intelligence reports. "We know it's not the best they have to offer.

"You have this non-rational actor that has the capability to cause chaos to people's networks and could be economically destructive."

The joint bill by Rogers and Ruppersberger emphasizes sharing threat information among companies and the government. It passed the Republican-dominated House last year, but failed in the Democrat-controlled Senate after administration objections.

The White House wants a more comprehensive bill that also sets minimum security standards for vitally important companies. But Ruppersberger said last month's executive order on that issue eased some pressure to include such provisions.

A second gulf between the parties has been over the personal information on customers and users that would be turned over to the government.

The current House bill would give broad protection from lawsuits to companies that surrender user data believed to be related to "threats" to their networks to DHS, which could then share it with intelligence agencies that could use it for other national security matters.

But Rogers said the personal information was not essential. "Candidly, you don't need a lot of personal information to fight the threat," he said, adding that details of new malicious software was essential.

Ruppersberger, of Maryland, said companies complained that they had no way to "minimize" personal information attached to "millions of conversations" and that they were working through that issue in the White House talks.

Their comments follow an interview with White House cybersecurity policy adviser Michael Daniel on Monday at the same RSA conference, the largest annual gathering of security professionals.

Daniel told Reuters then that the administration would identify its goals for a new law within two months.

Only after a law passes to shore up defense, the House members said, can the country focus on building support among allies to confront economic espionage from China and others.

(Reporting by Jim Finkle and Joseph Menn; Editing by Tiffany Wu and Leslie Gevirtz)

FILED UNDER:
Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.

  • Most Popular
  • Most Shared

Tech Results

Reuters Showcase

IBM Chip Unit

IBM Chip Unit

IBM to pay Globalfoundries $1.5 bln to take chip unit  Full Article 

Cost-Cutting

Cost-Cutting

Yahoo set to outline cost-cutting efforts - WSJ.  Full Article 

eBay Board

eBay Board

Marc Andreessen quits eBay board ahead of PayPal spinoff  Full Article 

Cyber Security

Cyber Security

Wall Street urges U.S. regulators' joint cybersecurity approach  Full Article 

Facebook Stake

Facebook Stake

Fidelity Contrafund loads up on Facebook and it pays off  Full Article 

App for Kids

App for Kids

New apps bring kids' playtime back to real world  Full Article 

'Robotic Eyes'

'Robotic Eyes'

Helps Japan's bipedal bot run faster.  Video 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device.  Full Coverage