The following podcast contains advertising to access an ad-free version of the LawFair

podcast become a material supporter of LawFair at patreon.com slash LawFair, that's patreon.com slash

LawFair. Also check out LawFair's other podcast offerings, rational security, chatter, LawFair

no bull, and the aftermath.

Hello and welcome to the LawFair podcast, I'm Benjamin Wittes. Our subject today is the current

legislative machinations over cybersecurity. On Friday, I sat down with Paul Rosen's

Wig, who served as a senior policy official at DHS in the last administration, and who

has been blogging for LawFair on the current cybersecurity legislation, and with my colleague

Alan Friedman, a fellow at Brookings who works on cybersecurity and privacy issues. In this

roundtable discussion, we talked about the various cybersecurity bills and the policy

disputes that lie beneath them. Paul, start us out, what is the state of affairs in the

legislative discussion, and how did we get here? Well, we started, I guess, back in May

of last year, when after several years of consideration, what's reported to be a significant

amount of infighting within the administration, the Obama administration published a comprehensive

cybersecurity legislative proposal. It contained everything from completely unobjectional modernizations

of FISMA to enhancements in criminal law, to changes in authorities. It was everything

that they could possibly want to talk about in the field.

There are things lay over the last summer, until there started to be some movement in

the house. There are a couple of competing bills there. The simplest one is the Rogers

Ruppersburgers bill out of the intelligence, House Intelligence Committee, bipartisan

bill that is essentially information sharing of cyber threat and security information with

nothing else, 13-page bill, basically. Its major competitor in the House is the Lundgren

...