White House: Hill slow to fund security
Calls for Congress to 'pick up the pace' on funding information security initiatives and to put forward legislation to help track and prosecute cybercriminals
National Plan for Information Systems Protection
The White House Monday called for Congress to "pick up the pace" on funding
information security initiatives within government in the fiscal 2001 budget,
while putting forward legislation to help law enforcement track and prosecute
cybercriminals.
In a speech at the National Press Club, White House Chief of Staff John
Podesta criticized congressional appropriators for not funding the security
initiatives proposed by President Clinton in January in the National Plan
for Information Systems Protection.
"Good security needs to be updated constantly, and it costs money," Podesta
said.
In the plan and the fiscal 2001 budget, Clinton proposed more than $90 million
for several new cybersecurity initiatives, including the Federal Intrusion
Detection Network (FIDNet), which would monitor federal systems for cyberattacks;
the security research and development Institute for Information Infrastructure
Protection; the Federal Cyber Service training and recruitment program;
and the Expert Review Team to help federal agencies review their security
plans.
Each of those initiatives is under a different agency and in a different
appropriations bill. So far, none of them have made it through the appropriations
committees.
"Unfortunately, to date, the Congress still refuses to appropriate one dime
to put these initiatives in place," Podesta said. "It's time they picked
up the pace and provided the protections that are essential to America's
cybersecurity."
Podesta also unveiled four new pieces of legislation that Clinton will send
to Congress to expand on bills already going through committees. Key points
of the legislation include:
* Amending hardware-specific wiretap statutes to apply equal standards to
both hardware and software surveillance.
* Equalizing the legal standards that apply to law enforcement's access
to e-mails, telephone calls and cable services
* Updating the "trap and trace" laws that allow law enforcement to track
the path of cybercriminals on the Internet.
* Updating the Computer Fraud and Abuse Act to treat multiple small attacks
as a single attack and eliminate mandatory jail time for less-serious attacks.
The administration is still looking at possible uses for the Computer Electronic
Security Act (CESA), which Clinton proposed last year to balance the loosening
encryption export controls with the needs of law enforcement and national
security, Podesta said. But for now, the new proposed legislation will stand
in to handle the law enforcement issues, he said.
"We hope that we'll have a fair hearing on them and we believe that if we
work together [with Congress], then we can bridge the gaps between the members
currently considering this on the Senate Judiciary committee by balancing
privacy with the needs of law enforcement and that we can have some legislation
enacted this year," Podesta said.
NEXT STORY: More than text and talking