In the wake of the hack at Sony Pictures Entertainment and other prominent data breaches, the White House tried Tuesday to jump-start the effort to pass cybersecurity legislation by unveiling an updated proposal aimed at ironing out major sticking points in a long-stalled effort.
The new push is part of a week of White House announcements highlighting new technology and security policy initiatives for the new year. With announcements on data security, information sharing and broadband access, President Obama is trying to strike some contrast with the new Republican leadership on Capitol Hill — while also suggesting a few areas of compromise.
"Cyberthreats are an urgent and growing danger," Obama said Tuesday in remarks in suburban Washington at the National Cybersecurity and Communications Integration Center, which helps coordinate electronic communications among the government, the intelligence community and law enforcement.
He said that the move toward putting the nation's infrastructure online makes the issue of cybersecruity "a growing public safety and public health" concern.
White House officials have mentioned cybersecurity as one of the most promising areas for common ground with Republicans. Passage of a series of bills in late December gave the issue momentum in Congress, they say. Meanwhile, very public hacks, such as the major attack on Sony and the embarrassing breach of Pentagon social media accounts this week, are providing political pressure for more action.
Obama cited both examples when he met with congressional leaders earlier Tuesday for their first formal meeting of the new Congress to map out top legislative priorities. The president said cybersecurity was near the top of the list.
"We agreed that this is an area where we can work hard together, get some legislation done and make sure that we are much more effective in protecting the American people from these kinds of cyberattacks," he said.
Sen. John Thune (R-S.D.), chairman of the Senate Commerce Committee, said he welcomed Obama's interest in the issue, while suggesting that the president was a latecomer. In a statement, Thune said he hoped "the president's actions on this critical subject match his rhetoric about working with Congress."
The proposal Obama outlined Tuesday was a version of a 2011 administration plan, updated to accommodate concerns from the private sector and to reflect lessons learned from recent attacks. The proposal would encourage companies to share key information about a potential hack quickly with the government. In return, the government would limit those companies' legal liability, if they removed certain personal data, a White House official said. The proposal would also limit law enforcement's use of that information to stopping cybercrimes, major threats to minors or threats to bodily harm, the official said, adding that the information could not be used for regulation.
The proposal would also require the departments of Justice and Homeland Security to draft guidelines on how they should use, retain and destroy the information.
Concerns over corporate liability for disclosing data to the government have been among the issues holding up passage of a cybersecurity bill. One White House official, who refused to be named discussing the proposal ahead of the president's announcement, said the updated plan offered a "more clearly structured, more refined framework" for sharing information and reflected talks with the private sector.
The proposal will be among the topics at a White House a summit on cybersecurity and consumer protection at Stanford University next month, the White House said. The summit, scheduled for Feb. 13, will involve administration officials, companies and consumer groups.
The White House also announced $25 million in grants to historically black colleges and universities to support cybersecurity education. The money is part of an Energy Department effort to fund science and technology training.