Empowered Democrats could push information security legislation

Democratic lawmakers supportive of privacy and information security reform will soon get the chance to quicken legislation after the GOP on Tuesday lost control of the House of Representatives and likely the Senate, a leading security lobbyist said today.

Paul Kurtz, executive director of the Cyber Security Industry Alliance, told SCMagazine.com that while privacy and data security legislation remains a bi-partisan topic, it might see some increased movement now that Democrats have gained control of at least one chamber of Congress.

Depending on how a Senate race recount plays out in Virginia, where Democrat Jim Webb and incumbent Republican Sen. George Allen are neck-and-neck, the Democrats could gain control of the Senate as well.

Kurtz cited Democratic Sens. Patrick Leahy, Chuck Schumer, Ben Nelson and Dianne Feinstein as four lawmakers chomping at the bit to take the lead on a federal data security and breach notification law. Various versions of the bill have been stalled in committees for months as congressional leaders debate details such as the threshold for notification, Kurtz said.

"All (four senators) have been very interested in information security and privacy issues," he said. "With the Democrats winning, we would expect to see more expeditious action than if the Republicans somehow maintained power."

But Marne Gordan, director of regulatory affairs at managed security services provider Cybertrust, said the Congressional shake-up does have a downside. Two staunch Republican proponents of IT security reform, Reps. Tom Davis of Virginia and Adam Putnam of Florida, will now be in the minority.

"It kind of hurts to have them out of leadership," she said.

Regardless of the new split, momentum should continue to build from both sides, Gordan told SCMagazine.com

"If you look at how many companies had data breaches in 2006, it's amazing," she said today. "It's getting to be a cyber-epidemic. We're going to have to pay attention to it sometime, and I think the year between elections is the time to do it."

Meanwhile, Bev Harris, director of nonprofit election watchdog BlackBoxVoting.org, said she is anxious to see how, come January, the House's new controlling party will respond to electronic voting concerns.

Many candidates made voting machine reform part of their platforms leading up to Tuesday's election, she said. But Harris - who supports requiring all machines to leave a paper trail - will reserve celebrating until they act on those campaign promises.

"It's like, ‘Oh the Democrats won,'" Harris told SCMagazine.com. "In truth, absolutely nothing has changed between yesterday and today in terms of the accuracy of voting machines. I think it will be a real litmus test to see if who said they were concerned about voting machines remains concerned."

Harris said that since Tuesday, her organization has received hundreds of reports of election problems, including missing memory cards and broken-down machines.

However, Diebold, the nation's largest manufacturer of touch-screen and optical scan voting machines, reported no major problems at the polls.

"Yesterday went extremely well for the jurisdictions using our equipment," Mark Radke, Diebold's director of marketing, told SCMagazine.com today.

He said many of the so-called glitches and breakdowns could be attributed to poll workers failing to report in time to set up the equipment or delivering voter access cards to the wrong districts.

But Harris will not be happy until all e-voting machines include a paper audit trail. She referred to voters in Sarasota County, Fla. who approved a referendum question that would replace the touch-screen voting machines with optical scan machines that use paper ballots.

"I definitely want something citizens can oversee," said Harris, who was featured in a recent HBO documentary "Hacking Democracy." Right now, we can't authenticate the vote in most cases."

Diebold - which has endured much criticism from security experts who claimed the company manufactured equipment that is susceptible to hacker attacks and viruses - deployed 130,000 touch-screen machines and 24,000 optical scan units across 37 states in Tuesday's election, Radke said. The company has statewide deployment in Georgia, Maryland, Mississippi and Utah.

Click here to email Dan Kaplan.

Sign up to our newsletters