After the recent and major data breach at the federal Office of Personnel Management (OPM), the White House immediately started pointing fingers. White House Press Secretary Josh Earnest said that Congress “needs to come out of the dark ages” and pass cybersecurity legislation. He also said,
“We need not just improved efforts on the part of the federal government, but improved coordination with the private sector on these matters, and that effort to coordinate requires congressional action.”
This Administration is notorious for not working with Congress, but they could at least read the news. Congress has, in fact, passed cyber legislation, and the House has been leading on this issue for years.
In April, the House passed two major cybersecurity bills, including a bill to “improve coordination with the private sector”—exactly what Earnest claims we haven’t done. We passed:
- The Protecting Cyber Networks Act (H.R. 1560), which promotes responsible information sharing about cyberthreats while protecting personal information. The bill provides liability protections to companies that share information in a responsible manner, but demands that all personal information be redacted before it is shared.
- The National Cybersecurity Protection Advancement Act (H.R. 1731), which creates a hub for cybersecurity threat information in the Department of Homeland Security to facilitate companies sharing information so that others can prevent and respond to cyber attacks.
The House passed cybersecurity legislation long before OPM’s network was compromised. The House passed bipartisan legislation as early as 2012, but then-Majority Leader Harry Reid must have though this legislation was a ‘waste of time’ as well.
With Congress under new management, we look forward to enacting meaningful, bipartisan legislation with our Senate colleagues.