State

New Pennsylvania legislation would convene cyber-focused group of lawmakers

A resolution just introduced would create a committee in the Legislature to study cybersecurity in the state.

August 1, 2016

New legislation in Pennsylvania would convene a group of lawmakers to study how the state’s agencies can better ward off cyberattacks.

State Rep. Rick Saccone introduced H.R. 1961 last week, and the resolution would form a new “Select Subcommittee on Commonwealth Security” under the House’s Committee on State Government.

The group would split its focus between studying traditional homeland security issues and cybersecurity topics, with the goal of holding regular hearings and issuing reports on these subjects.

“The state must adjust its policies to face cyberattacks,” Saccone and Rep. Kristin Hill (the resolution’s co-sponsor) wrote in a letter soliciting support from other lawmakers. “This threat is evidenced by the actions of foreign nations including China, Russia and North Korea. These nations have routinely attempted to hack into government or corporate agencies to steal proprietary information. Whether it was the North Koreans stealing blueprints for the F-15 or Russia or China stealing corporate information, cyberattacks are a new and growing threat to the safety of our economy and our state.”

Indeed, the resolution specifically cites the danger posed by “foreign nations” launching “cyberattacks on corporations based in the United States to steal proprietary information” and the potential for them to “target government agencies,” as prime justifications for the creation of the new subcommittee.

The legislation calls for six lawmakers on the 27-member state government committee to sit on the new subcommittee.

The committee’s chairman, Republican Rep. Daryl Metcalfe, would choose four of its members and a chair for the group. Meanwhile, its minority chairman, Democratic Rep. Mark Cohen, would get to pick the other two members. Notably, Saccone and Hill (both Republicans) already sit on the state government committee.

If created, the subcommittee would then “hold hearings, call witnesses, take testimony and conduct investigations at places deemed necessary” and “instruct any person to appear before the select subcommittee to answer questions within the scope of inquiry by the select subcommittee.” Additionally, the group would “produce books, papers, records, accounts, reports and documents as the select subcommittee deems necessary.”

The resolution is now up for consideration in the state government committee itself. However, it may be a while before lawmakers act on it — Pennsylvania’s Legislature doesn’t reconvene until Sept. 19.

However, there is some precedent for the establishment of similar groups in states across the country, though they’re often formed under the purview of the executive branch. A StateScoop analysis found that governors in 21 states presided over the meetings of cybersecurity-focused groups over the course of the last year.