The House Homeland Security Committee plans to consider legislation that passed the House in the last Congress to include liability protections for cyber security technologies through a program managed by the Department of Homeland Security, a committee member said on Tuesday.
“We’ve been meeting with stakeholders to find other ways to strengthen cyber security, including expanding the SAFETY Act for cyber security purposes,” Rep. John Ratcliffe (R-Texas), chairman of the subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies, said at the outset of a hearing to examine ways to promote and incentivize cyber security best practices.
The SAFETY Act currently provides incentives for developing and deploying anti-terrorism technologies and services by providing limited liability protections. The law can only be triggered by an act of terrorism, yet attributing cyber attacks “is extremely difficult” while the consequences of such attacks can be “devastating,” Ratcliffe said.
“In the coming weeks, the committee will consider House-passed legislation from the 113th Congress to amend the SAFETY Act to establish a ‘qualifying cyber incident’ threshold to trigger SAFETY Act liability protection for vetted cyber security technologies,” he said. Ratcliffe added that expanding the act to cyber security technologies won’t solve all “our cyber security challenges but it has the potential to make a significant improvement in our nation’s cyber defenses.”
Rep. Jim Langevin (D-R.I.), said he agrees on the need to incentivize the development and adoption of cyber security best practices but noted that currently the development and introduction of cyber security technologies is occurring at a “prodigious pace,” which raises questions whether expanding the SAFETY Act is necessary to “spur innovation” in this area.