| May 10, 2013 William Harasym ********************** Dear William: Thank you for contacting me regarding the Cyber Intelligence Sharing and Protection Act (CISPA). It is good to hear from you. A number of nation-states and other actors are aggressively working to compromise American computer networks—public and private. Our intelligence community is working to meet the challenge and in doing so is in possession of valuable knowledge about these threats. But there are legal barriers, both real and perceived, that hamper public-private information sharing about cyber-threats and unnecessarily expose the private sector to risks. Moreover, the use of cyberspace to exploit American intellectual property or hack into corporate research and development information costs our economy billions. To address this problem in a way that preserves individual privacy, I voted for House passage of CISPA, H.R. 624. H.R. 624 embraces the notion that voluntary, private sector defense of private information systems, adequately informed by government intelligence, will best serve to protect privacy in the course of guarding against cyber-threats. I understand there are still concerns about how H.R. 624 could affect individual privacy, so I would like to take a moment to clarify the new authorities in H.R. 624. H.R. 624 would require the Director of National Intelligence (DNI) to establish procedures allowing the intelligence community to share with private sector entities information about threats to their information systems. This includes malware, viruses and malicious code that pose cybersecurity risks. The information shared by the private sector must be limited to "cyber threat information." Importantly, it limits the federal government's ability to share cyber-threat information for only the following purposes: 1) cybersecurity; 2) investigation and prosecution of cybersecurity crimes; 3) protection of individuals from the danger of death or physical injury; and 4) protection of minors from child pornography or risk of sexual exploitation. Some claim that H.R. 624 would have empowered the federal government to exert more control over the internet in the name of cybersecurity. The bill does no such thing. First of all, it relies on voluntary actions by the private sector. Additionally, during House consideration of H.R. 624, the House unanimously passed an amendment clarifying what supporters of the bill already knew— that the bill does not authorize the intelligence community to target a United States person for surveillance. Finally, the House unanimously approved an amendment prohibiting the federal government's use of library records, book sale records, firearms sales records, medical records and tax returns that it might receive from private entities in the course of sharing cyber-threat information. These types of personal information are simply not what H.R. 624 is designed to cover. Through amendment on the House floor, the House attempted to eliminate any possible route through which a federal agency could use H.R. 624 to violate civil liberties, though the bill will also sunset after five years to ensure proper congressional oversight. Additionally, the bill orders the Inspector General of the Intelligence Community to submit annually to Congress a review of the use of cyber security information as well as any recommendations necessary to address privacy and civil liberties concerns. These two provisions will work together to prevent the federal government from using H.R. 624 in ways not intended by Congress. This bill now goes to the Senate for its consideration. Thank you again for taking the time to write to me. I value your input. If you haven't done so already, I would like to encourage you to visit my website at www.lummis.house.gov. There you can sign up to receive my newsletter, and have access to a wealth of other information. I won't flood your email box, but I will provide you with updates once in a while about activities in Washington that affect our lives in Wyoming. I hope you will sign up so that we can stay in close touch, and I look forward to seeing you in Wyoming. Sincerely, Cynthia M. Lummis Member of Congress | 
