house Bill H.R. 4361
Should Federal Agencies Take Steps to Prevent Cyberattacks Without Consulting Employees First?
Argument in favor
Federal agencies must be able to take whatever steps are necessary to protect their information from cyber-attacks, even if it means employees don’t know in advance.
07/06/2016
E-mail is property of the company or agency you work for. If you want to do criminal activity just use your own server. (Note to average citizens: Try selling company secrets from your employer this way and see what happens.)
07/07/2016
While at work employees don't need to have computer access to anything that isn't work related. There is no expectation of privacy on work computers.
02/02/2017
No reason for any law abiding citizen to worry about this we need tighter cyber security.
Argument opposed
This bill gives federal agencies the power to randomly restrict what employees can do without consulting with anyone, all under the guise of preventing cyber-attacks.
07/07/2016
The language is far too open and vague and could lead to unintended consequences.
···
07/07/2016
I don't see why an organization cannot just send out a notification to all employees that cyber security measures are changing. If it's something confidential, it could be a very simple notification. It doesn't require that every employee know the cyber security secrets. ///// Rep. Elijah Cummings (D-MD) explained in a statement opposing the bill that the bill gave agency leaders too much authority by allowing them to take “any action” necessary to secure information:
“No matter what you believe about blocking employee access to email, this bill goes so far beyond that it loses the point. Could 'any action' mean violating the Privacy Act? Could 'any action' mean an agency can avoid required reports to Congress on cybersecurity?”
E-mail is property of the company or agency you work for. If you want to do criminal activity just use your own server. (Note to average citizens: Try selling company secrets from your employer this way and see what happens.)
The language is far too open and vague and could lead to unintended consequences.
I don't see why an organization cannot just send out a notification to all employees that cyber security measures are changing. If it's something confidential, it could be a very simple notification. It doesn't require that every employee know the cyber security secrets. ///// Rep. Elijah Cummings (D-MD) explained in a statement opposing the bill that the bill gave agency leaders too much authority by allowing them to take “any action” necessary to secure information:
“No matter what you believe about blocking employee access to email, this bill goes so far beyond that it loses the point. Could 'any action' mean violating the Privacy Act? Could 'any action' mean an agency can avoid required reports to Congress on cybersecurity?”
The government should always operate with complete transparency when it comes to citizens. National security should never trump individual liberty.
While I agree that federal agencies need to protect their data, I think this bill goes too far. Giving these agencies directors the right to do "anything" is just too vague.
While at work employees don't need to have computer access to anything that isn't work related. There is no expectation of privacy on work computers.
Protecting security is good, any means is bad. Checks and balances
No reason for any law abiding citizen to worry about this we need tighter cyber security.
The language of this bill needs to be more specific. It's too open-ended.
It takes maybe fifteen minutes to type up a memo for your employees. This isn't even difficult. Just lazy and a breach of workers' rights.
It is very easy to notify employees of new policies and procedures
How hard is it to send an e-mail? Sounds like totalitarian fascism.
This bill uses a cannon to kill a fly. It tries to "fix" employee union delaying changes to cyber security in the Office of Personnel Management by going too far. A more reasoned collaborative approach would be better.