Earlier this month, House Majority Leader Kevin McCarthy (R-CA) released an April agenda in which he designated the upcoming week to passing legislation to secure cyber networks and prevent data breaches. Making good on that promise, the House will vote Wednesday and Thursday on two bills to promote cybersecurity information sharing, while providing liability protection.
The Protecting Cyber Networks Act (H.R. 1560), which would encourage businesses and the federal government to share information on known cyber threats on a voluntary basis, is up first. The bill was introduced last month by House Intelligence Committee member Devin Nunes (R-CA) and the Intelligence Committee reported the bill on April 13.
The National Cybersecurity Protection Advancement Act (H.R. 1731) is on the agenda for Thursday. The bill would provide liability protections to companies that voluntarily share cyberattack information and would strengthen the National Cybersecurity and Communications Integration Center’s (NCCIC) role as the lead civilian interface for the sharing of cybersecurity risks. House Homeland Security Committee Chairman Mike McCaul (R-TX) and Committee member John Ratcliffe (R-TX) introduced the bill, and the Committee approved it by unanimous voice vote on Tuesday, April 14.
Both pieces of legislation are expected to be considered under structured rules that limit the number of amendments that can be offered. Majority Leader McCarthy said that the bills would be voted on separately, but then combined, before heading to the Senate. Minority Whip Steny Hoyer (D-MD) referred to the bills as “relatively noncontroversial” and, in a press conference last week, Whip Hoyer said that he expected the legislation to pass “in a strong bipartisan fashion.”
Another bill that may see floor action soon is the Data Security and Breach Notification Act (H.R. 1770). On April 15, the House Energy and Commerce Committee approved the bill, which would establish a nationwide safety regime for breach notification and data protection. The bill passed 29-20 on a party-line vote and, although it was initially expected to be included on the agenda this week, House leaders from both parties have acknowledged that more work needs to be done before it can be brought to the floor for a vote.
House Energy and Commerce Committee Chairman Fred Upton (R-MI) recently noted that, “Over 40 bills have been introduced in Congress since the first major data breach in 2005 and we haven’t yet reached the finish line.” After this week, the finish line may be within view.