Congresswoman Jan Schakowsky, Ninth District, IL
District MapHomeWelcomeJan in the NewsJan in WashingtonCapitol Hill9th Congressional District, IllinoisServicesFeedback Privacy Statement
 

 

BC-Computer Security

July 24th, 2002

Associated Press

WASHINGTON (AP) _ The top Democrat on a House government reform panel accused the Bush administration on Wednesday of supporting a proposal she said would let corporations keep embarrassing secrets from the public by claiming they involve the security of important computer networks and other systems. An unexpectedly tense exchange between Rep. Janice D. Schakowsky, D-Ill., and officials from the FBI and Commerce Department came during a routine hearing on cyber security before the Government Reform subcommittee on government efficiency. Saying she was outraged, Schakowsky condemned a plan to exempt from the U.S. Freedom of Information Act any details that companies might disclose to the new Department of Homeland Security about vulnerabilities in their operations. The measure is included within the House bill establishing the new agency. Schakowsky said the proposal changing the Freedom of Information Act, supported by the Bush administration, was ``a loophole big enough to drive any corporation and its secrets through. ... It could be something that communities need to know about pollution of a chemical plant.'' Industry computer experts at the hearing said they feared disclosure about information that companies might tell the government about Internet attacks. They also asked lawmakers for protections from liability lawsuits and antitrust restrictions as business rivals increasingly share details about threats. ``The sharing of information may lead to liability lawsuits against the company or its officers and directors,'' said Stanley ``Stash'' Jarocki, who heads a threat-warning network for some of the country's largest financial institutions. ``The chilling effect of potential liability lawsuits on voluntary speech cannot be underestimated.'' A similar disclosure measure, by Sen. Robert Bennett, R-Utah, was approved Wednesday by the Governmental Affairs Committee after it struck a deal with Patrick Leahy, D-Vt. That proposal still must be approved by the full Senate. Under the Senate compromise, the government promised to keep secret any details a company disclosed to the Department of Homeland Security about vulnerabilities to important U.S. infrastructures. But any information other agencies collect would not be protected, even if companies provide the same information to the new department. The head of the FBI's National Infrastructure Protection Center, Ronald L. Dick, testified Wednesday that business leaders are so fearful that few companies are willing to tell government experts about weaknesses in vital systems, from banking networks to electrical grids. ``I can't really tell you we're getting a lot of information,'' Dick said. ``Their concern is that government could not adequately protect it.'' Schakowsky challenged another administration official, John Tritak of the Commerce Department's Critical Infrastructure Assurance Office, over whether the proposal supported by the Bush administration was overly broad. ``You can hardly call this a narrow exemption,'' she charged. ``All I'm saying is, fix it if you have a problem with it,'' Tritak answered. ``Right now, things aren't as clear as they need to be, and this is the time to work with them.'' Both the FBI's NIPC and the Commerce Department office would become part of the new Department of Homeland Security under the Bush administration's reorganization. At Wednesday's hearing, some computer experts described the risks that foreign hackers one day soon may attack the computerized systems controlling the nation's electrical or water networks. They said that even as new vulnerabilities are discovered in modern technology, companies increasingly are connecting vital systems via the Internet because of cost-savings and efficiency. ``Fifteen field offices can be managed from one central location,'' said Marc Maiffret, the co-founder of eEye Digital Security Inc., which sells security software. Maiffret said this newfound convenience presents unprecedented risks. ``The attack would be able to take advantage of the functionality ... to seize control of a power plant, a water treatment plant, a dam or even an amusement park,'' he said. Maiffret recommended all employees within companies that operate important systems undergo background checks _ in some cases as rigorous as ones needed for government clearances.
 

 

 
Home  In the News  Jan in DC  Capitol Hill  9th District, IL  Services  Feedback