By Danielle Dean
The U.S. House of Representatives is set to release a new bill in early March that will create a national commission on security and digital integrity. `
The commission will bring privacy advocates, law enforcement, technology companies and other key experts together with the goal of providing a cooperative set of policy and technological solutions to issues such as encryption, data breach response and recovery and the dark Web.
Leading this effort are House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Senate Intelligence Committee member Senator Mark Warner (D-Va.), who say this effort will be styled after the 9/11 commission.
Part of the commission’s charge will be to establish a common set of facts in recognition of the diversity of stakeholders and the complexity of digital security issues.
International operative standards also might be considered, with an understanding that U.S. companies must operate and interact in an international market. Any recommendations produced will be presented to Congress with the objective of informing a comprehensive law addressing these top contending digital security priorities.
This bill comes at a time when Congress is becoming increasingly active in the cybersecurity space. A privacy bill, the Email Privacy Act, sits in the House Judiciary Committee and is set to be marked up next month. The bill would require the government to obtain a warrant when seeking access to electronic communications.
The State and Local Cyber Protections Act of 2015, which passed the House in December and is currently in the Senate Homeland Security and Government Affairs Committee, provides technology resources, privacy training and access to federal tools and policies to assist state cybersecurity initiatives.
The program is implemented through the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC). The NCCIC will be required to receive feedback from state and local governments and report to Congress on the effectiveness of the activities and services rendered.
The Ensuring National Constitutional Rights for your Private Telecommunications Act of 2016 (ENCRYPT), which was introduced in February and referred to the committee on the Judiciary and the Committee on Energy and Commerce, would pre-empt state and local government encryption laws by prohibiting states from attempting to implement their own anti-encryption policies.
NCSL policies recognize there are serious threats to information infrastructure and data management and encourages federal efforts to work with states as equal partners and critical stakeholders on this issue.
NCSL will continue to oppose bills that pre-empt or prohibit states from addressing critical law enforcement and data security matters. As these and other bills progress through Congress, NCSL will continue to monitor their standing.
Danielle Dean is a policy specialist with NCSL's Law, Criminal Justice, and Public Safety Committee at NCSL.