Critical Infrastructure Protection Must be Part of Cybersecurity Policy, Says White House Official
The Obama administration believes it’s “critical to find a smart innovation-leaning balance” to cybersecurity legislation, said Danny Weitzner, White House deputy chief technology officer for Internet policy. And part of the balance is for the government to have authority to ensure that companies that have “our critical infrastructure are engaging in adequate security practices,” he said at the Computer & Communications Industry Association’s Washington caucus.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
Referring to the slate of cybersecurity bills lined up for votes in the House this week, Weitzner said the White House wants to make sure that cybersecurity legislation “can’t tip the balance in the wrong way. We don’t want to see a militarization of cyberspace.” There shouldn’t be an “environment in which we create a sense of lawlessness in the online environment through excessive liability limitations” in the name of information sharing, he said. Industry must have clear liability rules on information sharing. Legislation shouldn’t create liability limitations that waive antitrust laws, states’ data breach laws or wiretapping laws, he said. “We don’t think we need to sacrifice privacy of citizens in order to protect cybersecurity, and will continue to work with Congress on finding the right balance."
Weitzner made clear that despite discussions with the EU and the European Parliament on Internet privacy rules, “we do not expect to reach any kind grand treaty” that will create a single set of “precise privacy rules that applies around the world” and which companies can comply with. What exists is a “commitment across the border to come up with a set of principles,” recognizing that Europe and the U.S. have different regulatory models in their approach to privacy, but the “two systems are based on a set of common principles,” he said. “It is a critical time to find ways to come together to achieve global interoperability in privacy rules."
The White House is “watching very carefully suggestions” from some U.N. organizations and some nations that “there is need to somehow get the Internet under control,” Weitzner said. The Internet Engineering Task Force, the World Wide Web Consortium and ICANN, which are organizations that created the “Internet environment,” are sustainable, scalable organizations that have “proven that they are up to the task of continuing to grow the Internet environment,” he said. So the U.S. is “going to make sure” that U.N. organizations such as the ITU “don’t step too far into this environment,” he said. Weitzner later told reporters that the U.S. is getting support for its position. The 34 Organisation for Economic Co-operation and Development countries adopted the recommendation on Internet policymaking principles, he said. And there’s been “tremendous engagement” from the Internet “community all around the world through the Internet Society and through preparations for the next Internet Governance Forum.” The U.N. push is for “control over a whole series of arrangements -- both technical and administrative -- to make the Internet work,” Weitzner said.
Among priorities for the U.S. Trade Representative’s office is to ensure free flow of data and to have it enshrined in the Trans-Pacific Partnership (TTP) trade agreement, said Demetrios Marantis, deputy USTR. There should be no artificial restriction in form of blocking websites, he said. The agency also wants to prevent cloud computing restrictions, such as the insistence of local presence of servers sought to be imposed by TTP partners like Vietnam, he said. The USTR also is working closely with Congress to ensure a “right balance” between copyright protection and fair use, he said.
Referring to the outcry that led to the demise of the Stop Online Piracy Act and Protect IP Act, Sen. Ron Wyden, D-Ore., chairman of the Senate International Trade and Global Competitiveness Subcommittee, told the caucus that efforts should be made to “export our strengths,” like Section 230 immunity and the Digital Millennium Copyright Act, to future trade agreements. Rep. Jason Chaffetz, R-Utah, said the Geolocation Privacy and Surveillance (GPS) Act he co-authored with Wyden (WID June 16 p5) will get a hearing in mid-May. The measure requires federal law enforcement agencies to acquire warrants to intercept an individual’s geolocation information and forbids courts from considering evidence based on geolocation information acquired without a warrant. Rep. Anna Eshoo, D-Calif., said the defeat of SOPA was reflective of the “fundamental” change in the way Congress views the tech community, but it still leaves unresolved the problem of the “hijacking of American genius.” She said she doesn’t believe there would be any more action on the issue in Congress this year.