Bill offers industry FOIA protections
A new bill would protect industry's proprietary cybersecurity data that was shared with the government
A bill scheduled to be introduced in the House this week would give industry
protections under the Freedom of Information Act when sharing proprietary
data on hacker attacks and cybersecurity gaps with the government.
Reps. Tom Davis (R-Va.) and Jim Moran (D-Va.), both outspoken proponents
of enhancing critical infrastructure protection, are sponsoring the bill.
The legislation would protect proprietary information belonging to private
companies by preventing the information from being inadvertently disclosed
as a result of cooperative cyberdefense efforts with the government.
Private companies, which own most of the nation's critical infrastructure,
have been reluctant to share proprietary data with the government for fear
it would end up in the hands of competitors. Companies also often refuse
to go public about hacker attacks on their enterprises out of fear that
the news will create public distrust of their services and lead to falling
stock prices.
Dave Morin, a spokesman for Davis, said the bill will be structured
in such a way that it will cover not only real-time and after-the-fact hacker
attacks, but also "preventative" data-sharing by companies that own key
nodes and systems.
"At this point we think neither type of information is being shared,"
Morin said. "We want to make sure information is shared at every level."
FOIA, in effect since 1966, gives citizens access to a wealth of unclassified
and formerly classified government documents.