By Dianne Feinstein
Originally appeared in the Los Angeles Times
The Times is right to call on Congress to pass cybersecurity legislation; improvements to cybersecurity are greatly needed. I differ strongly, however, with your description of the cyber information sharing legislation that was passed in July by the Senate Intelligence Committee by a 12-3 bipartisan vote. ("What is Congress doing about cyberthreats and hackers?," Editorial, Sept. 3)
First, the legislation is purely voluntary. It provides legal authorization and liability protection to companies that share cyber threat information with other companies or with the government. The editorial is wrong in suggesting the bill provides any authority for government surveillance or for the sharing of information for purposes other than cybersecurity.
Second, the bill already includes numerous privacy protections. These include requirements that companies strip out personally identifying information before sharing, that the government destroy information it receives after a specified time and that the information sharing program is reviewed by the Privacy and Civil Liberties Oversight Board, inspectors general and many others.
The legislation permitting information sharing is just the first step toward stronger cybersecurity. Legislating is the art of the possible, and only a bill with broad bipartisan support can pass the Senate. Previous bills did not strike the balance between information sharing and privacy and therefore failed to win both Republican and Democratic support.
Sen. Dianne Feinstein (D-Calif.)