In a preliminary version of their plan for securing cyberspace, White House advisers tout the strategy as being a collaborative effort among industry, academia, the military and the government. But lawmakers who would be instrumental in making the plan work said they have had no direct input in its crafting.
According to a draft of the strategy obtained by eWeek, coordinating with Congress is one of a half-dozen principles guiding the plan being created by the Presidents Critical Infrastructure Protection Board. To ensure that the administrations approach enjoys “broad support and consensus, the Executive Branch will consult with and seek input from Congress,” the draft reads.
In developing the initial strategy and laying the groundwork for debate, however, the board has not sought congressional feedback.
“We gave some background briefings to key lawmakers,” said Andy Purdy, senior adviser for IT security and privacy at the CIPB, in Washington. “Were not soliciting their input.”
The draft plan, which was first reported in eWeek Aug. 26, includes calls for creating a federal Network Operations Center to collect increased amounts of security data as well as provisions for bolstering the collection and analysis of network traffic at colleges. The plan also calls for the creation of a privacy czar role, to oversee privacy compliance in government.
Some of the drafts proposals would require legislative action to advance, a point not lost on the CIPB and noted in the draft document.
Still, although it touches on expanded surveillance and privacy issues, several members of the relevant congressional committees said they have not been apprised of the drafts proposals.
An assistant to Sen. John McCain, R-Ariz., the ranking Republican on the Senate commerce committee, said the senators technology advisers have not been involved in the strategy so far. The assistant added that McCain has had input on some IT matters.
An assistant to Rep. John Conyers, D-Mich., said the congressman also has not been consulted by the White House despite Conyers position on the House Judiciary Committee.
The CIPB is in contact with lawmakers who are immersed in IT issues, however, and it plans to brief additional members on the strategy before its unveiling, Purdy said.
“We have not yet seen the draft,” said Matt Raymond, spokesman for Sen. George Allen, R-Va. “[Allen] has met with [CIPB head Richard] Clarke a number of times, and they have discussed these issues. He has had ample opportunity to meet private-sector concerns, and he has had ample access to Clarke.”
Allen, who chairs the Senate Republican High Tech Task Force and has co-sponsored numerous technology-related bills this session, is likely to be familiar with the administrations positions spelled out in the strategy, even though he did not submit direct input, Raymond said.
According to the draft, the strategy is likely to support several legislative initiatives that have been the subject of contentious debate in the past. For example, efforts to encourage the private sector to share network data with the federal government have frequently been hampered by industry fears that expanded information sharing will increase the risk of privacy and antitrust law violations. The draft notes that legislative initiatives regarding liability protections could influence private enterprises to adopt the strategys goals.
Regarding collaboration with the private sector, some sources said there has been little communication from the CIPB since early this year. The board sent out a broad slate of questions to private-sector executives and security experts, soliciting feedback. But since the answers came back, sources said, administration officials have worked on the plan in private.
“They havent shared information iteratively [during the revision process]. They solicited everything upfront and then went into a room and locked the door,” said one executive who has seen elements of the strategy.
The plan, scheduled for unveiling Sept. 18, was still in a state of flux last week, according to Tiffany Olson, deputy chief of staff at the CIPB at the White House. Not all the recommendations enumerated in draft versions will appear in the final document, Olson said. In addition, the final version will be a work in progress, as the board plans to continue the dialogue and issue regular updates.
- New Privacy Czar on Way
- Bush to U.S. Colleges: Send in the CIOs
- Bush to Call for Fed NOC
- Security: The Feds Can Help