Like Causes?

Install the App
TRY NOW

house Bill H.R. 4361

Should Federal Agencies Take Steps to Prevent Cyberattacks Without Consulting Employees First?

Argument in favor

Federal agencies must be able to take whatever steps are necessary to protect their information from cyber-attacks, even if it means employees don’t know in advance.

GrumpyMSgt's Opinion
···
07/06/2016
E-mail is property of the company or agency you work for. If you want to do criminal activity just use your own server. (Note to average citizens: Try selling company secrets from your employer this way and see what happens.)
Like (11)
Follow
Share
SherryTX's Opinion
···
07/07/2016
While at work employees don't need to have computer access to anything that isn't work related. There is no expectation of privacy on work computers.
Like (3)
Follow
Share
MrRoberts007's Opinion
···
02/02/2017
No reason for any law abiding citizen to worry about this we need tighter cyber security.
Like (2)
Follow
Share

Argument opposed

This bill gives federal agencies the power to randomly restrict what employees can do without consulting with anyone, all under the guise of preventing cyber-attacks.

Josh's Opinion
···
07/07/2016
"Any means necessary" seems a little too totalitarian
Like (48)
Follow
Share
Rkurilla's Opinion
···
07/07/2016
The language is far too open and vague and could lead to unintended consequences.
Like (28)
Follow
Share
Anya's Opinion
···
07/07/2016
I don't see why an organization cannot just send out a notification to all employees that cyber security measures are changing. If it's something confidential, it could be a very simple notification. It doesn't require that every employee know the cyber security secrets. ///// Rep. Elijah Cummings (D-MD) explained in a statement opposing the bill that the bill gave agency leaders too much authority by allowing them to take “any action” necessary to secure information: “No matter what you believe about blocking employee access to email, this bill goes so far beyond that it loses the point. Could 'any action' mean violating the Privacy Act? Could 'any action' mean an agency can avoid required reports to Congress on cybersecurity?”
Like (10)
Follow
Share

What is House Bill H.R. 4361?

This bill would give the heads of federal agencies the authority to do anything to secure any information stored electronically by each agency. Basically, it gives the heads of federal agencies the ability to make changes to their agency’s cybersecurity without notifying anyone in advance.

The bill was amended before being sent to the floor of the House to include a provision which prevents the bill from modifying existing laws about federal cybersecurity. The bill specifically mentions the Cybersecurity Act of 2015, which deals with cybersecurity information sharing between the Departments of Homeland Security, Justice, and Defense.

However, the bill would overturn a decision by the Federal Labor Relations Authority from 2014 that prevents federal agencies from blocking employee access to e-mail.

Impact

People trying to compromise the cybersecurity of federal agencies; labor unions for federal employees; federal agencies and their employees.

Cost of House Bill H.R. 4361

$0.00
The CBO estimates that the cost of implementing the bill would be negligible because the bill wouldn’t affect revenues or direct spending significantly.

More Information

In Depth: Sponsoring Rep. Gary Palmer (R-AL) explained in a press release that the bill would give federal agencies the ability to protect themselves from cyber-attacks:

“Agencies should not be required to collectively bargain in order to take steps to secure data protecting federal agencies information systems and the personal information of federal employees. The directors of federal agencies have a responsibility to protect their IT systems and they should be able to carry out that responsibility without unnecessary interference. This bill will enhance the security of Federal information systems, and help prevent cyber-attacks.”

Rep. Elijah Cummings (D-MD) explained in a statement opposing the bill that the bill gave agency leaders too much authority by allowing them to take “any action” necessary to secure information:

“No matter what you believe about blocking employee access to email, this bill goes so far beyond that it loses the point. Could 'any action' mean violating the Privacy Act? Could 'any action' mean an agency can avoid required reports to Congress on cybersecurity?”

Of Note: The idea for this bill was prompted by a recent event in which the Office of Personnel Management (OPM) was breached by a cyber-attack. After the attack, the OPM tried to tighten its cybersecurity by restricting employee use of Facebook, Gmail, and more websites. However, union representatives delayed the new policy from taking effect, citing a Federal Labor Relations Authority ruling from 2014.


Media:

Summary by: Chris Conrad
(Photo Credit: Flickr user Perspecsys Photos)

AKA

Government Reform and Improvement Act of 2016

Official Title

To amend section 3554 of title 44, United States Code, to provide for enhanced security of Federal information systems, and for other purposes.

bill Progress


  • Not enacted
    The President has not signed this bill
  • The senate has not voted
      senate Committees
      Committee on Homeland Security and Governmental Affairs
  • The house Passed July 7th, 2016
    Roll Call Vote 241 Yea / 181 Nay
      house Committees
      Committee on Oversight and Reform
    IntroducedJanuary 11th, 2016

Log in or create an account to see how your Reps voted!