But civil liberties advocates advised caution in sharing citizens’ cyber information. “We have a real and very present danger when it comes to cyber threats and our networks,” said Rep. Mike Rodger, R- Mich., at the hearing. “No one is more technologically integrated than the United States.”
Private sector industry experts testified before the committee, providing updates on their cybersecurity practices and suggesting moves the government should make to protect communications networks.
Cybercrime has become a $380 billion industry and continues to grow, according to statistics released at the Energy and Commerce hearing. Entrust President Bill Connor highlighted the importance of a public-private partnership to share intelligence and inform the public about cybersecurity.
“Education, coupled with dedicated perimeter security solutions, provide the first basic layer of protection for business and its employees,” Connor said in his written testimony.
“The federal government needs to work more closely with the private sector to exchange critical information.” However, civil liberties advocates worry that sharing personal information to prevent cyber threats could lead to privacy and civil liberty violations.
“There is a real risk that cybersecurity laws would undermine privacy,” Gregory Nojeim, senior counsel at the Center for Democracy and Technology, said in an interview. “The most important thing is to ensure that information sharing doesn’t become a backdoor wiretap.”
According to Nojeim, this means verifying that shared information will not be used for regulatory or intelligence purposes. The House discussions on cybersecurity legislation are “inconsistent on whether information [collected for cybersecurity purposes] can be used to prosecute people about whom the information pertains to,” he said. “Unless the information is only used for cybersecurity, the legislation would become a new form of an encroaching surveillance.”
Last week’s subcommittee hearing occurred days after the international hacking group Anonymous listened in on a conference call between the FBI and Scotland Yard. Anonymous posted the 16-minute recording on the Web, mocking the two agencies for investigating the hacking group.
“The FBI might be curious how we’re able to continuously read their internal comms for some time now,” said the group via Twitter.
But according an article in The New York Times, an FBI official said Anonymous had not hacked into any bureau facilities. “Instead, the official said, the group had simply obtained an e-mail giving the time, telephone number and access code for the call.”