The National Cybersecurity Protection Advancement Act of 2015 (1731) passed by voice vote in the House Homeland Security Committee Tuesday and could get a vote on the House floor next week.
The bill encourages voluntary sharing of cyber threat info between companies and with the government, which is the subject of various bills as Congress attempts to address the growing cybersecurity threat. It provides for the voluntary exchange of “government-to-private” and “private-to-private” threat information, and would provide liability protection for companies who monitor their information systems and take measures to defend them from attack.
One of the political divides has been over how insulated companies should be from liability.
The bill is the handiwork of Rep. Michael McCaul (R-Texas), chairman of the House Homeland Security Committee, who signaled its introduction last month, saying he hoped it would be marked up expeditiously and hit the House floor this month, which looks like it will be the case.
"This bill is supported by Republicans and Democrats alike because it protects Americans’ private information and encourages voluntary information-sharing about cyber threats to safeguard America’s digital networks," said McCaul after passage.
"Today’s mark of up the National Cybersecurity Protection Advancement Act (H.R. 1731) represents another step forward in our collective efforts to improve America’s cyber readiness by sharing threat indicators," said the National Cable & Telecommunications Association in a statement. "House Homeland Security Chairman McCaul and Cybersecurity Subcommittee Chairman Ratcliffe, along with Ranking Members Thompson and Richmond, have worked to advance a bill that balances cybersecurity, privacy and civil liberties concerns. We appreciate their efforts and look forward to working with all members of the House to pass cybersecurity legislation that will improve our ability to protect consumers, our Internet infrastructure and America’s economy.”
USTelecom senior executive VP Alan Roth praised passage, and gave a shoutout as well to the Protecting Cyber Networks Act, which passed the House Permanent Select Committee last month and is expected to be considered on the House floor next week as well.
"The legislation approved today by the Homeland Security Committee significantly reflects much of the input and feedback the Committee sought and received from stakeholders over the course of the last month," said Roth. "USTelecom deeply appreciates that open, bipartisan process and looks forward to seeing this important legislative measure move forward in the full House next week.
"Voluntary participation by American companies in cyber threat information sharing requires that any legislation in this area remain practical and efficient. The purpose of this and related bills should be to protect American networks, critical infrastructure, intellectual property, and consumers from incoming threats and cyber-attacks – not to encourage the second-guessing of decisions that must often be made in a split second by network engineers," he said.