President Obama has signed an executive order designed to help protect against cyber attacks. There are privacy concerns, but leaders in Congress say the move may give a boost to efforts to pass new cyber-security legislation.
Copyright NPR. View this article on npr.org.
ROBERT SIEGEL, HOST:
From NPR News, this is ALL THINGS CONSIDERED. I'm Robert Siegel.
AUDIE CORNISH, HOST:
And I'm Audie Cornish.
President Obama has signed an executive order intended to shore up the nation's defenses against cyberattacks. The president acted yesterday. As NPR's Martin Kaste reports, similar efforts have stalled in Congress, largely because of concerns over government snooping.
MARTIN KASTE, BYLINE: You know you've arrived in the 21st century when the State of the Union includes a reference to hackers.
PRESIDENT BARACK OBAMA: Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air traffic control systems. We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy.
KASTE: The executive order makes it easier for the government to share information about cyberthreats with the private sector - telecoms or companies running vital systems like power grids. The government will even give them classified information, as long as the companies have staffers with security clearance. The goal is quicker response to fast-moving attacks, and it's a pretty uncontroversial one. But things get stickier here.
OBAMA: Now Congress must act as well by passing legislation to give our government a greater capacity to secure our networks and deter attacks.
KASTE: Obama needs Congress to smooth the flow of information in the other direction, from companies to the government. Privacy laws make that difficult and the ACLU's Michelle Richardson says for good reason. She worries that cyber threat information uploaded from your Internet provider could end up being repurposed by the government.
MICHELLE RICHARDSON: They can use it for prosecutions of crimes that have nothing to do with cybersecurity or for this broad catchall of protecting national security. It's an undefined term, but we know over the last decade that the government is very expansive when defining national security.
KASTE: These privacy concerns have become one of the main obstacles to the Cyber Intelligence Sharing and Protection Act, or CISPA. Civil libertarians are especially concerned about a provision that would give legal cover for private companies that share information with the government. Big telecoms were sued a few years back when it came out that they'd cooperated with the Bush administration's warrantless wiretapping program. The bill's chief sponsor, House Intelligence Chairman Mike Rogers, says the privacy fears are overblown.
REPRESENTATIVE MIKE ROGERS: It's not a surveillance program. It's, in real time, exchanging zeros and ones when it comes to malicious software to catch it and stop it from getting on your machine.
KASTE: Speaking today at the Center for Strategic and International Studies, he said the president's executive order breathes new life into the legislation, and he said it's a much better idea to pass the bill before the country suffers a major cyberattack.
ROGERS: And I don't think you want to see what Congress does then. We don't do anything well after a significant emotional event.
KASTE: Martin Kaste, NPR News. Transcript provided by NPR, Copyright NPR.