Return-Path: <sentto-279987-4009-1007496928-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Tue, 04 Dec 2001 12:19:08 -0800 (PST) Received: (qmail 30948 invoked by uid 510); 4 Dec 2001 20:15:52 -0000 Received: from n22.groups.yahoo.com (216.115.96.72) by all.net with SMTP; 4 Dec 2001 20:15:52 -0000 X-eGroups-Return: sentto-279987-4009-1007496928-fc=all.net@returns.groups.yahoo.com Received: from [216.115.97.191] by n22.groups.yahoo.com with NNFMP; 04 Dec 2001 20:15:28 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_1_2); 4 Dec 2001 20:15:27 -0000 Received: (qmail 77240 invoked from network); 4 Dec 2001 19:07:43 -0000 Received: from unknown (216.115.97.167) by m5.grp.snv.yahoo.com with QMQP; 4 Dec 2001 19:07:43 -0000 Received: from unknown (HELO red.all.net) (12.232.125.69) by mta1.grp.snv.yahoo.com with SMTP; 4 Dec 2001 19:07:43 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id fB4JA1115773 for iwar@onelist.com; Tue, 4 Dec 2001 11:10:01 -0800 Message-Id: <200112041910.fB4JA1115773@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Tue, 4 Dec 2001 11:10:01 -0800 (PST) Subject: [iwar] [fc:Environmental.groups.protest.cybersecurity.information.sharing.bill] Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Environmental groups protest cybersecurity information sharing bill By Drew Clark, National Journal's Technology Daily, 12/4/2001 <a href="http://www.govexec.com/dailyfed/1201/120301td1.htm">http://www.govexec.com/dailyfed/1201/120301td1.htm> More than a dozen environmental groups recently have joined civil liberties and consumer protection groups in their longstanding fight against legislation designed to spur the disclosure of cybersecurity information. The environmental groups' vigorous campaign against the bill, S. 1456, has breathed new life into the opposition and could trigger a fight on Capitol Hill between environmentalists and the technology industry--which in the Clinton era prided themselves on empathy with environmentalists. Industry strongly backs the cybersecurity bill, introduced by Republican Sens. Robert Bennett of Utah and Jon Kyl of Arizona. The bill would provide businesses with exemptions from the Freedom of Information Act (FOIA), antitrust prosecution, and lawsuits that could stem from the voluntary disclosure of cybersecurity information to regulatory and enforcement agencies. Reps. Tom Davis, R-Va., and James Moran, D-Va., have introduced similar House legislation, but one environmental group said that measure is much narrower than Bennett-Kyl. Joined by the Electronic Privacy Information Center (EPIC), the Center for Democracy and Technology (CDT), OMB Watch and others, the environmental groups last week sent a letter to senators, saying that the bill "does not fulfill its stated purpose of protecting critical infrastructure information," or the type of cyber information likely to be subject to attack. They urged the body to hold hearings on the bill and not to attach it as an amendment to other fast-moving legislation. The environmental groups' complaints are more limited than those of open-records advocates; the environmentalists do not protest the legislation's stated intent but argue that it would profoundly undermine the ability of the Environmental Protection Agency to sue polluters. Bennett spokeswoman Mary Jane Collipriest said the bill would do nothing of the kind. "This applies only to voluntarily shared information and does not supercede information required by the regulatory agency," she said. The measure would define "critical infrastructure" to include both "physical and cyber-based systems and services," and it specifically would include infrastructures related to electric power, gas and oil production, and other environmental systems. Advocates of the measure within the technology industry say critical infrastructure information must be broadly defined because such physical facilities increasingly are being controlled remotely via telecommunications networks--and hence are subject to the sort of cyberattacks the legislation is designed to prevent. But even granting that need, Rena Steinzor, an academic fellow at the Natural Resources Defense Council, protested that the bill's specific inclusion of the EPA in the list of agencies affected means that the bill is designed to serve polluters' interests. "Why send sensitive information about computer intrusions to the EPA?" Steinzor said. By sending information about physical plants to agencies collecting cyber information, utilities and other power plants could avoid civil actions by the government or by private plaintiffs, she said. Spokeswomen for Bennett and the Edison Electric Institute, a supporter of the bill, countered that the measure would not exempt utilities from civil liability for submitting information in bad faith. "It will not impede any civil lawsuits," Collipriest said. "It will not impact rulemaking, nor will it supercede statute or regulation." ------------------------ Yahoo! Groups Sponsor ---------------------~--> FREE COLLEGE MONEY CLICK HERE to search 600,000 scholarships! http://us.click.yahoo.com/Pv4pGD/4m7CAA/ySSFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 21:00:00 PST