The Honorable Mike Rogers

U.S. House of Representatives

Washington, D.C. 20515

The Honorable C.A. Dutch Ruppersberger

U.S. House of Representatives

Washington, D.C. 20515

Dear Representatives Rogers and Ruppersberger:

Our organizations—representing multiple sectors of the American economy—support the introduction of the Cyber Intelligence Sharing and Protection Act. The bill earned more than 100 bipartisan co-sponsors last year because your colleagues recognized that it would enhance public-private collaboration in countering an array of cyber threats to U.S. national and economic security.

This legislation is necessary to create a powerful sea change in the current informationsharing practices between government and the business community that reflects the conditions of an increasingly digital world. Our organizations have consistently supported legislation that would put timely, reliable, and actionable information into the hands of business owners and operators so that they can better protect their systems and assets against nefarious actors, including rogue individuals, organized criminals, and groups carrying out state-sponsored attacks.

The bill supports existing information-sharing and analysis organizations and incorporates lessons learned from pilot programs and exercises undertaken by critical infrastructure sectors. These initiatives offer complementary, demonstrated models for enabling the government to share cyber threat intelligence with the private sector—thereby affording security professionals the opportunity to implement measures intended to reduce a business’ cyber risk profile—while protecting privacy and civil liberties.

In addition, the bill provides the needed legal certainty that threat and vulnerability information voluntarily shared with the government would be provided safe harbor against the risk of frivolous lawsuits, would be exempt from public disclosure, and could not be used by officials to regulate other activities. The legislation also includes an exemption from antitrust laws, which limit exchanges of information between private entities, in order to help prevent, investigate, and mitigate threats to cybersecurity.

We welcome the introduction of the Cyber Intelligence Sharing and Protection Act and urge your colleagues to co-sponsor it. We appreciate that you wrote the bill in a bipartisan and open manner and have worked diligently to seek common ground with privacy and civil liberties organizations on issues such as the definition of cyber threat information and how the government can use the information that it receives from companies and utilities. You added several amendments to better protect individuals’ privacy prior to House passage last year. Our organizations encourage you to continue the dialogue with these communities as the bill moves

forward.

Passing the Cyber Intelligence Sharing and Protection Act is a specific action that Congress can take to bolster America’s cybersecurity while protecting personal privacy. We look forward to working with you and your staff on this important issue.

Sincerely,

Airlines for America

American Chemistry Council

American Fuel & Petrochemical Manufacturers

American Gas Association

American Petroleum Institute

ASIS International

Association of American Railroads

CTIA–The Wireless Association

Edison Electric Institute

Information Technology Industry Council

Internet Security Alliance

National Association of Manufacturers

National Business Coalition on E-Commerce & Privacy

The Real Estate Roundtable

Software & Information Industry Association

Telecommunications Industry Association

United States Telecom Association

U.S. Chamber of Commerce

cc: Members of the U.S. House of Representatives