Largely overlooked among President Obama’s State of the Union policy moves was a push to protect US infrastructure from cyberattacks. Earlier on Tuesday, the president signed an executive order that expands information-sharing between the government and private companies to, as he said in Tuesday night’s address, develop “standards to protect our national security, our jobs, and our privacy.” Conservatives and big business are warning of executive overreach—but in fact, the cybersecurity program gives companies more information than it requires from them, relies heavily on congressional support, and even makes civil liberties advocates happy.
Under the order, companies that provide vital services like electricity and water—many of which are considered highly vulnerable to attacks—will be able to view classified government information on cyberthreats, but they aren’t required to share information when they get hacked. The order doesn’t require companies to participate, nor does it provide any financial incentives (yet), but that didn’t stop House Homeland Security Committee Chairman Rep. John McCaul, R-Texas, from warning that it could “open the door to increased regulations that would stifle innovation [and] burden businesses.” The U.S. Chamber of Commerce called the program “unnecessary.”
By contrast, civil libertarians such as the ACLU were relieved that the order emphasized privacy and civil liberties safeguards. Lee Tien, a senior staff attorney with the Electronic Frontier Foundation, told Forbes that “We definitely like the executive order better than last year’s Cyber Intelligence Sharing and Protection Act… The executive order can’t change any federal rules. It just changes the way the executive branch chooses to do things.”