Understanding the U.S. Cybersecurity Legislation
April 23, 2012
Jackie here, with AllClear ID. Helping our you to protect your identity is one of our top goals here at AllClear ID. For that reason we are always interested in anything security related in the news, in Washington and around the US, like the US Cybersecurity Legislation.
April 23, 2012 marked the start of “Cybersecurity Week” with multiple cybersecurity bills set to go to voting in the House and Senate. Many of the bills are highly controversial and could carry long lasting implications for both cyber security and civil liberties. We look forward to seeing how our lawmakers will shape national policy in the coming weeks.
Let’s take a look at a few of the proposed bills.
Cyber Intelligence Sharing and Protection Act or CISPA (H.R. 3523)- The Cyber Intelligence Sharing and Protection Act, also known as CISPA, authorizes the government and private companies to share information to protect networks and the country from potential cyber threats. It is a proposed amendment to the National Security Act of 1947. Critics of this bill worry that the bill gives too much freedom to government agencies by adding a cybersecurity exception to many of the privacy protections now in place. The full text of CISPA is available here.
Promoting and Enhancing Cyber Security and Information Sharing Effectiveness Act or PRECISE (H.R. 3674)- This bill is heavily supported by the Homeland Security Committee and is quite similar to CISPA, but with more restrictions and exceptions to how information can be shared. This bill is not as popular with House leadership and is currently not expected to go up for vote during “Cybersecurity Week”. Read the full text of this bill here.
Cybersecurity Act of 2012 (S. 2105)- The Cyber Security Act of 2012 is an act that gives the Department of Homeland Security the right to assess the potential risks and problems with various infrastructure systems that are deemed critical to the United States. Critical systems are those that could wreak havoc on the US if compromised through massive citizen death or injury, economic damage or national security concerns. These critical infrastructure systems would be able to create their own security protocols, but they would need to meet minimum standards developed by the Department of Homeland Security. Companies would receive protection from civil liabilities due to cybersecurity risks if they meet and maintain the minimum required standards. Read the full text here.
The next few months should prove interesting as lawmakers race to create cybersecurity legislation to better protect networks and national security. These proposed laws and the many others currently under consideration may change the way that your information is protected and shared.