The head of the National Security Agency (NSA) is trying to calm companies’ fears about new cybersecurity legislation, arguing that the government has no desire to collect people’s personal information.
“We do not want privacy information. That will slow us down. That is not what the focus of cybersecurity is,” said Adm. Michael Rogers, who oversees both the NSA and U.S. Cyber Command in an address to the U.S. Chamber of Commerce.
{mosads}At issue is the Cyber Information Sharing Act (CISA) which would provide protections to industry, allowing companies to share information with the government about cyber threats.
But privacy groups have tried to block the Senate from passing the legislation, amid concerns about the NSA’s surveillance programs. They argue that the measure would give the government too much private data about citizens.
But exactly what information the two sides will share and exactly what oversights would be in place remains to be seen, Rogers said.
He insisted that any info-sharing on cyber threats should not include private information. By law, once the NSA receives any private data, “I have very specific restrictions,” Rogers said.
Instead, Rogers wants to “have is a discussion” with business groups.
“So just what is the information that we should share with each other?,” he asked.
Without specific guidelines, “We can bury each other with data,” Rogers added. “What I really care about is insight and knowledge.”
Rogers acknowledged that business and the government needed to discuss oversight and liability issues to establish trust in the program and between the public and private sector.
Some companies have expressed concerns they could be liable for sharing information under the legislation.
“This idea that inherently you can’t trust ‘fill in the blank,’ that is a recipe for disaster for us,” Rogers said.
But the “only way” to get this process going is to remove the “legitimate concerns” in the private sector about liability, Rogers said. Congressional action, he added, is needed to make that happen.