IP: Here we go yet again -- Cyber-security frenzy hits Capitol Hill

[Dave Farber <farber () cis upenn edu>]

----- Original Message -----
From: <ari () cdt org>; <ari () cdt org>
To: <update () cdt org>; <update () cdt org>
Sent: Friday, February 25, 2000 5:20 PM
Subject: Cyber-security frenzy hits Capitol Hill


> Sorry to put this out late on a Friday, but there are a lot of policy
> developments we are tracking that are being offered in response to the
> denial of service attacks but that may have serious negative impact on
> privacy and security.
>
> * Chairman Hatch May Introduce CESA
>
> Senate Judiciary Committee Chairman Hatch may introduce the Cyberspace
> Electronic Security Act (CESA), which would set legal standards for
> government access to voluntarily escrowed decryption keys.  The text of
the
> Administration draft and CDT analysis are at: http://www.cdt.org/crypto/
> CESA/  CESA is fraught with problems and could  reopen the encryption
> debate.  It has no connection with the denial of service attacks (no
> connection with Internet security, period) but the FBI has been shopping
it
> in recent weeks as a response to the attacks.
>
> *  Hearings on Cybersecurity
>
> On Tuesday, February 29, there will be a joint "oversight" hearing on
> "Internet Denial of Service Attacks and the Federal Response," convened by
> the House Judiciary Subcommittee on Crime and the Senate Judiciary
> Subcommittee on Criminal Justice Oversight, 2 PM in 2141 Rayburn.
Witnesses
> likely to include: DOJ, FBI, Amazon.com, ZDNet, e-trade, Microsoft, Cisco.
> Jim Dempsey is scheduled to testify on behalf of CDT.
>
> This follows earlier hearings:
>
> February 16, Senate Appropriations CJS Subcommittee, testimony for which
is
> online at http://www.senate.gov/~appropriations/commerce/hrgtest.htm
>
> February 23, Joint Economic Committee, testimony at http://www.senate.gov/
> ~jec/cyber.htm
>
> *  Legislation being discussed
>
> Sens. Leahy and Schumer are separately preparing bills, described at
http://
> www.cdt.org/security/   Contact Jim Dempsey for further details on the
> proposals that have been mentioned so far.
>
> *  FOIA Changes Proposed to Shield Critical Infrastructure Information
>
> Separate legislative proposals have been drafted by DOJ and DOD, to exempt
> from FOIA info about vulnerabilities that corporations submit to the
> government.  These drafts were still be vetted, and were not
Administration
> policy, but the following story indicates that Reps. Davis and Moran are
> considering introducing their own legislation.
>
> http://www.govexec.com/dailyfed/0200/022300b3.htm
>
> * FISA revisions introduced
>
> On Thursday, February 24, Sen. Specter introduced S. 2089, a bill to amend
> the Foreign Intelligence Surveillance Act of 1978 to modify procedures
> relating to orders for electronic surveillance and physical searches for
> foreign intelligence purposes.  The bill responds to the Wen Ho Lee
Chinese
> espionage case. It was referred to the Committee on the Judiciary. Initial
> cosponsors: Torricelli, Thurmond, Biden, Grassley, Feingold, Helms,
Schumer,
> and Sessions.  As of 3 PM Friday, the text was not online at Thomas or
GPO.
> Please contact Jim Dempsey, CDT Senior Staff Counsel, on these issues -
202-
> 637-9800, jdempsey () cdt org
>
> Ari Schwartz
> Policy Analyst
> Center for Democracy and Technology
> 1634 Eye Street, NW
> 11th Floor
> Washington, DC 20006
> (v) +1.202.637.9800
> (f) +1.202.637.0968
> http://www.cdt.org/
>
>
> ----------------------------------
> CDT Update Subscription Information
>
> E-mail questions, comments, or requests to subscribe or unsubscribe
> to ari () cdt org or call (202) 637-9800.
>
> Detailed information about online civil liberties issues may be found
> at http://www.cdt.org/