Newsletter Signup
Stay informed with the
NEW Casino City Times newsletter! |
Gaming News
U.S. House Discusses Issue of Public Disclosure of Cyber Security Problems22 June 2000As the government steps up pressure on industry groups to share information about cyber-attacks and potential computer security vulnerabilities, Congress needs to assure companies that such information won't fall into the hands of the media, investors or the general public, witnesses told a congressional subcommittee today. The House Government Reform Committee's Technology Subcommittee convened today to discuss the Cyber Security Information Act of 2000, which would provide a limited exemption from the Freedom of Information Act (FOIA) to companies that share information about electronic attacks and vulnerabilities with government agencies. Such information-sharing activities are the cornerstone of the Clinton administration's cyber-security initiative. "Once you give that information out, I think you want ironclad assurance that that information isn't going anywhere else," Rep Tom Davis, Republican-Virginia, said at today's hearing. It was Davis, along with Rep. Jim Moran, Democrat-Virginia, who introduced the legislation earlier this year. The US General Accounting Office (GAO) concluded from its examination of the legislation that it could be a powerful tool for strengthening public-private information sharing efforts in the area of electronic vulnerabilities. "By addressing private sector concerns about sharing information (the legislation) could have a positive effect similar to the one the Year 2000 Information and Readiness Disclosure Act had in resolving the Y2K problem," GAO official Joel Willemssen said in his testimony before the subcommittee. That Y2K legislation protected confidentiality of corporate Y2K disclosures and was credited with helping government Y2K authorities get control of the Millennium Bug. But not all at today's hearing praised the Davis-Moran proposal. Electronic Privacy Information Center (EPIC) General Counsel David Sobel testified that the legislation would only serve to further weaken FOIA, which is already riddled with exemptions. Indeed, Sobel argued, the information that would be exempted from FOIA under the Davis-Moran legislation is already protected by an existing exemption under FOIA for privileged "commercial or financial" information. Passing legislation to protect information that is already largely exempt from FOIA would represent a severe blow to the FOIA requester community - journalists, consumer groups and other businesses - which, as it stands, loses more FOIA appeals than it wins, Sobel said. "I start out with the premise that if it's not broken, don't fix it," Sobel said. But Davis, who questioned Sobel closely following his testimony, argued that whether or not voluntarily submitted cyber-security information is already protected under FOIA, companies are still gun-shy about providing such data. "The problem is that the companies we want to share their information don't share (your) view," Davis told Sobel. Even if all the legislation does is provide corporations with peace of mind on the subject of information sharing, it would be highly useful, Davis contended. And while the Clinton administration appears to be staying out of the FOIA fray, John Tritak, director of the Critical Infrastructure Assurance Office, praised the subcommittee's efforts on the issue. "I wholeheartedly applaud the intent as well as the objectives of the Cyber Security Act proposed by Davis and Moran," said Tritak, speaking on behalf of the administration. Tritak stopped short of endorsing the Davis and Moran proposal, however. "The administration is a big supporter of FOIA and open government, so no one (in the Executive Branch) takes the creation of new exemptions lightly," Tritak told Newsbytes following today's hearing. Tritak urged continued debate on the thorny issue. He may get his wish. Although there is some indication that the legislation may be waived on to the full Government Reform Committee without the benefit of a markup, a Davis staffer today said he is skeptical that the legislation will reach the House floor before Congress breaks for the summer. Reported by Newsbytes.com, www.newsbytes.com. |