During an ambitious State of the Union speech on Tuesday evening, President Barack Obama announced that he has signed an executive order intended to protect computer networks across the country.
The new directive will allow the Department of Homeland Security to share unclassified information with companies it feels may be susceptible to cyberattacks. It will also permit the government to share classified material with organizations in charge of operating critical infrastructure such as power grids and financial institutions.
"We know hackers steal people's identities and infiltrate private email," said Obama. "We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems."
"We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy."
Hoping to quell the concern of privacy advocates, the administration is limiting what information it expects to be shared. Content handed over to private companies will not include private data such as email; instead, it will only consist of direct, network-related threats.
What's more, unlike last year's controversial Cyber Intelligence Sharing and Protection Act (CISPA), the order does not grant companies legal immunity for sharing an individual's information with the government. Although privately-owned operations are still welcome to share information with the administration, they will be open to legal repurcussions should they violate established privacy laws.
Last year, the House of Representatives passed CISPA only to watch the bill die in the Senate, thanks in part due to the leniency it afforded private companies.
Recognizing that his executive order cannot replace comprehensive legislation, especially since it cannot legally require companies to recognize new regulations, Obama called on Congress to supplement his order with more substantive laws.
"Now Congress must act as well, by passing legislation to give our government a greater capacity to secure our networks and deter attacks," said Obama.
Whether or not Congress will follow his lead is another matter altogether. Late last year, Senate Republicans told the president that any executive order concerning cyber security would only "solidify the present divide."
Aside from privacy concerns, cybersecurity legislation has been bogged down by debates over regulation. Democrats say any law must require critical infrastructure operators to meet a minimum set of security standards. Since the vast majority of these operators are privately owned, Republicans say that the government shouldn't burden them with costly regulations.