21 May 1999
To: cypherpunks@toad.com, cryptography@c2.net, jya@pipeline.com Subject: House revising Computer Security Act (NIST/NSA law) Date: Fri, 21 May 1999 13:23:08 -0700 From: John Gilmore <gnu@toad.com> Forwarded-by: Henry Schwan <owlswan@eff.org> Forwarded-by: cult hero <jericho@dimensional.com> Forwarded From: William Knowles <erehwon@kizmiaz.dis.org> http://www.fcw.com/pubs/fcw/1999/0517/web-security-5-20-99.html House panel aims to bolster security law (Federal Computer Week) [5.20.99] WASHINGTON, D.C. -- The House Science Committee plans to make another push to update a 1989 law that requires civilian agencies to take measures to protect their computer systems, according to Rep. Constance Morella (R-Md.), chairwoman of the Technology Subcommittee of the House Science Committee. The new bill, which could be introduced as early as next week, would revamp the 10-year-old Computer Security Act. The bill will closely resemble the Computer Security Enhancement Act of 1997, which the House passed only to have it die in the Senate last year, said Morella, speaking at a symposium sponsored by the SmartCard Forum. Like the 1997 bill, the proposed legislation would tap the National Institute of Standards and Technology as the lead agency for information security. The preceding bill also would have required NIST to promote federal use of commercial off-the-shelf products for civilian security needs. The committee first began its effort to revamp the existing law to reflect the proliferation of network technology that has left agency data more vulnerable to corruption and theft, Morella said in 1997.