The House passed bills on cyber sanctions, supply chain security and CDM last week.
The House passed a slew of tech and cyber bills last week, ranging from imposing automatic sanctions on foreign hackers to creating a new chief data officer position at the Homeland Security Department.
With a tight legislative calendar before this Congress turns into a pumpkin in January, however, the Senate will have to work fast if any of those bills are going to become law. Here’s a rundown.
Just Put Those Cyber Sanctions on Auto
The House passed a bill Wednesday that would impose automatic penalties on people and organizations that launch cyber strikes against the U.S.
The Cyber Deterrence and Response Act, sponsored by Rep. Ted Yoho, R-Fla., would require the president to take one or more punitive actions against people or organizations that are deemed “cyber threat actors,” such as limiting humanitarian or security assistance or blocking investments.
The president could forego taking those actions, but he’d have to justify doing so to Congress.
Sen. Cory Gardner, D-Colo., introduced a Senate companion to the bill last month, which hasn’t been marked up yet.
Getting in Front of the Next Kaspersky
Another bill the House passed Tuesday would dramatically expand the Homeland Security Department’s power to block contractors and subcontractors like Kaspersky Lab and Huawei that officials believe pose cybersecurity and national security risks.
The bill, sponsored, by Rep. Peter King, R-N.Y., is narrower than a Trump administration proposal that would give Homeland Security authority to block contractors across the civilian government. King said on the House floor that he hopes the House will get to vote on the broader proposal.
The House also approved bills last week that would:
- Put the power of legislation behind the Homeland Security’s Continuous Diagnostics and Mitigation program.
- Standardize contractor fitness standards across various Homeland Security divisions.
- Create drone coordinator and chief data officer positions at Homeland Security.
Hit the Gas, Senate
House Energy and Commerce Committee leaders pressed the Senate to vote on legislation that would stand up a national framework for self-driving cars on Thursday.
The SELF DRIVE Act has stalled in the upper chamber for more than a year after the House approved the bill by voice vote. The legislation, which would set standards for testing and deploying autonomous vehicles, would act as “a first step” in establishing the U.S. as a leader in the global market, said committee Chairman Greg Walden, R-Ore.
Silicon Valley Urges the ‘Right Regulation’
Top social media executives seem to accept that federal regulation is headed their way, but what that regulation would look like remains up in the air.
In a Senate Intelligence Committee hearing on Wednesday, Twitter CEO Jack Dorsey and Facebook Chief Operating Officer Sheryl Sandberg detailed the strides their companies have made in curbing foreign misinformation operations since the 2016 elections.
While the committee applauded the companies’ efforts, lawmakers warned that fighting back against foreign influence operations will require at least some government involvement.
“The era of the Wild West in social media is coming to an end. Where we go from here is an open question,” ranking member Mark Warner, D-Va., said.
Dorsey and Sandberg both expressed support for alerting users when they interact with fake accounts and boosting personal data rights, but wouldn’t commit to concrete regulatory frameworks.
“We don’t think it’s a question of 'whether regulation,’” said Sandberg. “We think it's a question of the right regulation that supports users … and doesn’t squash innovation."
Lawmakers Cheer North Korean Hacker Charges
Lawmakers applauded criminal charges the Justice Department filed against North Korean hacker Park Jin Hyok Thursday for the 2014 Sony Pictures Entertainment data breach and the 2017 WannaCry malware campaign among other cyber crimes.
House Intelligence Committee ranking member Adam Schiff, D-Calif., called the charges “an important step in countering Pyongyang's state-sponsored use of cyberattacks and cyber theft, and a warning to others tempted to do the same.”
Senate Intelligence Committee ranking member Mark Warner, D-Va., said the charges “[point] to the need for a clearly thought-out and articulated strategy for deterring and punishing state-sponsored cyberattacks.”
Sen. Ben Sasse, R-Neb., was the most succinct in his reaction. “Good,” the senator said, before launching into a critique that described leader Kim Jong Un as “North Korea's petty little despot” who “showed the world both how small he was and how capable his cyber soldiers can be.”
Lawmakers Celebrate First Equifax Anniversary with a Strongly Worded Letter
Sen. Elizabeth Warren, D-Mass., and Rep. Elijah Cummings, D-Md., are keeping pressure up on the Consumer Financial Protection Bureau and the Federal Trade Commission to punish Equifax for its 2017 breach that compromised the personal information of 143 million Americans.
The pair sent a letter to the agencies Thursday asking why, on the breach’s one year anniversary, they still hadn’t taken any punitive action. An investigation launched by the agencies is still ongoing, according to a Government Accountability Office report that the lawmakers also released Friday.
Warren and Cummings asked the agencies for a staff briefing by Sept. 20 detailing what steps they’ve taken in the investigation and whether the inquiry has included cybersecurity vetting at other credit rating agencies.
Tech Advisor Weathers Committee Vote
The Senate Commerce Committee on Wednesday unanimously approved meteorologist Kelvin Droegemeier to lead the Office of Science and Technology Policy. The appointment would essentially make him the top White House advisor on all things Science Technology Engineering and Math.
The top office at OSTP has remained empty since President Donald Trump took office in January 2017.
Droegemeier currently serves as Oklahoma’s science and technology secretary. In a confirmation hearing on Aug. 24, he said he’d focus OSTP’s efforts on “commercially risky but transformative” research, expanding partnerships with industry and academia and education initiatives for building a 21st-century workforce.
More tech and cyber work is coming up on the hill this week:
At 10 a.m. Wednesday, the Senate Banking Committee will consider new tools to counter Russia.
At 10 a.m. Thursday, the Senate Commerce Committee will examine next-generation transportation technology.
At 10:30 a.m. Thursday, the Senate Homeland Security Committee will hold a hearing on evolving threats.
Also at 10:30 a.m., a House Appropriations panel will conduct an oversight hearing on NASA’s James Webb Space Telescope.
At the same time, the House Homeland Security Committee will mark up bills to protect critical infrastructure from drones and to establish a vulnerability disclosure program and bug bounty at the Homeland Security Department.