Congress Mulls a CIO's Authority, Future of Homeland Security and Data Breaches

Sen. Jerry Moran, R-Kan., pauses before testifying during a Senate Judiciary Committee hearing.

Sen. Jerry Moran, R-Kan., pauses before testifying during a Senate Judiciary Committee hearing. Carolyn Kaster/AP

Lawmakers are scheduled to vote Tuesday on a bill that would boost the buying authority of the Federal Communications Commission chief information officer.

The FCC CIO Parity Act is tucked into Ray Baum’s Act, legislation that would reauthorize the FCC for the first time in 15 years and contains several measures to improve communications infrastructure and internet access.

The FCC Parity Act would grant the CIO “a significant role” in planning, budgeting and hiring processes related to IT at the agency. These powers would be similar to what the Federal Information Technology Acquisition Reform Act grants to CIOs at CFO Act agencies.

“Aligned with Sen. Moran’s past priorities included in FITARA, the senator feels strongly that federal agencies are increasingly reliant upon IT in their day-to-day operations. As agencies plan for budgets, it only makes sense for the expertise of the CIO to be included in these critical operational decisions,” a spokesman for Sen. Jerry Moran, R-Kan., told Nextgov. Moran and Sen. Tom Udall, D-N.M., introduced the Senate version of the bill back in December. The duo previously pushed the Modernizing Government Technology Act, which not only passed but is now taking agency proposals for funds.

"The FCC is charged with regulating close to a sixth of our economy, but their information technology systems are severely out of date—leaving sensitive industry material vulnerable to increasingly dangerous cyberattacks," Udall told Nextgov. "The inclusion of this provision will empower the FCC CIO and give the CIO the authority necessary to modernize and take the necessary steps to protect sensitive data."

Another notable bill tucked into the package is the MOBILE NOW Act introduced by Sens. John Thune, R-S.D., and Bill Nelson, D-Fla., directing the FCC to make more spectrum available to the private sector for fixed and mobile wireless broadband development.

Credit Over-Extended

House Energy and Commerce Committee leaders requested a briefing with the company investigating the Equifax data breach, Mandiant, Thursday after news the credit score giant identified 2.4 million additional victims.

“This latest announcement from Equifax is deeply concerning, and raises even more questions about the company’s total failure in safeguarding consumers’ information and providing adequate tools for protection post-breach,” committee Chairman Greg Walden, R-Ore., and Rep. Bob Latta, R-Ohio, who chairs the committee’s consumer protection panel, said in a statement.

Senate Commerce Chairman John Thune, R-S.D., also said his committee would be reaching out to Equifax for additional information.

Speaking of Equifax

Rep. Ted Lieu, D-Calif., introduced two bills Thursday aimed at protecting consumers from the next major credit reporting agency data breach.

The first bill, the Protecting Consumer Information Act, would direct the Federal Trade Commission to study whether current law mandates sufficient cybersecurity protections for credit ratings agency and to promulgate new regulations if the current ones are insufficient.

The second bill, the Ending Forced Arbitration for Victims of Data Breaches Act, would prohibit companies from forcing data breach victims to all go through individual arbitration before launching a class action lawsuit.

Forging Ahead on FOSTA

A controversial bill aimed at curbing online sex-trafficking passed the House Tuesday despite pushback from tech-savvy lawmakers and industry groups. The Allow States and Victims to Fight Online Sex Trafficking Act would allow states and victims to sue websites that are “knowingly assisting, supporting or facilitating a violation” of federal anti-sex trafficking laws, but the tech community argues the bill could open companies to frivolous lawsuits.

Though early amendments to FOSTA brought many original opponents on board, tech groups renewed their criticism after lawmakers revised the bill’s final text to more closely mirror its Senate counterpart, which takes a stiffer position against online platforms. The Senate is expected to vote on FOSTA the week of March 12, and the measure is widely expected to pass.

Overdoing the Oversight

The Senate Homeland Security Committee is working on a Homeland Security Department reauthorization bill that will pare back the roughly 100 congressional committees and subcommittees that department staff must report to, Chairman Ron Johnson, R-Wisc., said Wednesday.  

Those crisscrossing oversight lines were left unaddressed in the House version of the reauthorization bill, which passed that chamber in July. Johnson has suggested forming a congressional commission to study the problem.

The Senate bill will also likely include language strengthening the department’s election cybersecurity mission, senators said.  

Let’s Make This Thing Official

Also Wednesday, House Homeland Security Chairman Michael McCaul, R-Texas, introduced a bill giving legislative backing to the work of Homeland Security’s cyber incident response teams. The Homeland Security Committee is scheduled to mark up the bill Wednesday.

Senate Pushes Cyber Cooperation With Ukraine

Sen. Sherrod Brown, D-Ohio, introduced legislation Tuesday urging the State Department to help Ukraine secure its digital networks against Russian cyberattacks and to reduce the nation’s reliance on Russian internet infrastructure. The bill merely states the “sense of Congress” and does not mandate any State Department action. A similar bill passed the House Feb. 7.

Ukraine has suffered numerous digital attacks since the 2014 Russian annexation of Crimea that are widely believed to have been launched by the Russian government. Among those was a 2015 attack that severely disrupted electricity across the nation. It was likely the first widely successful cyberattack against an electric grid.

Quit Concealing Climate Change

The Congressional Safe Climate Caucus penned a letter to President Trump condemning the White House push to reduce public access to federal climate change information. The 26 lawmakers said they are “alarmed” by the administration’s “systematic effort” to remove web pages and language related to climate change from federal sites. They accused the administration of violating the Federal Records Act—which requires agencies to collect, retain and preserve records—and pushed the White House to “consider the fact that human-caused global climate change is one of the greatest existential threats to the future of our planet” in its future online practices.

Coming Up

Tuesday and Wednesday this week will be chock full of tech and cyber activity on the hill. Here’s a rundown.

The Senate Armed Services Committee will hold its annual worldwide threats hearing Tuesday.

The Senate Finance Committee will also hear testimony that day about protecting online consumers from counterfeit goods and the House Energy and Commerce Committee will hold an oversight hearing of the National Telecommunications and Information Administration.

The House Small Business Committee will hold a Tuesday hearing on challenges for rural broadband providers.

On Wednesday, the Senate Homeland Security Committee will hold its third business meeting focused on reauthorizing the Homeland Security Department for the first time since its inception.

Also that day, the House Homeland Security Committee will examine efforts to strengthen the department’s cybersecurity workforce and the House Financial Services Committee will consider legislative proposals to reform data security and breach notification regulations.

The House Oversight Committee will also hold the second in a series of hearings focused on how artificial intelligence can benefit the federal government.