Washington, D.C. – The Subcommittee on Environment today held a hearing titled Impact of EPA’s Clean Power Plan on States. The hearing examined the impact of EPA’s Clean Power Plan on the state level as well as implementation and associated economic and legal issues at the national level.
At least 26 states have sued EPA over the Clean Power Plan, citing an overreach of the agency’s authority under the Clean Air Act and an unlawful attempt to usurp states’ ability to regulate electrical generation systems. This past March, the Supreme Court issued a "stay" of the Clean Power Plan, which prevents the EPA from enforcing any of the rule's requirements until the lawsuits against it are fully resolved. Even so, the EPA has been moving forward with a shadow regulatory structure to implement the Clean Power Plan.
Environment Subcommitte Chaiman Bridenstine (R-Okla.): “We have learned in previous hearings that these regulations are all pain with no gain. The Clean Power Plan does nothing to avert future temperature rise or prevent further sea rise. However, the economic costs to Americans will be approximately $29-$39 billion per year.
“EPA regulations should always respect the sovereignty of states, especially since it is the citizens in each state who bear the brunt of EPA’s rules. I am particularly concerned with how this rule will affect the hard-working residents of my district in the state of Oklahoma.”
Chairman Bridenstine welcomed his home state Attorney General, Mr. Scott Pruitt, who testified that the Clean Power Plan is “extraordinary in its intrusion into the sovereignty of the states.” The Committee also heard from Rice University Energy and Environment Institute Executive Director Charles McConnell who testified that EPA’s plan will cause double digit energy price increases and create hidden costs in electricity generation and transmission upgrades, all while providing no significant environmental impact.
Chairman Lamar Smith (R-Texas): “[EPA’s] regulations perpetrate a fraud on the American people. The so-called Clean Power Plan will cost billions of dollars, cause financial hardship for American families, and diminish the competitiveness of American employers, all with no significant benefit.
“The administration’s alarmism is not good science and intentionally misleads the American people. The president’s signed Paris pledge will increase electricity costs, ration energy and slow economic growth. It ignores good science and only seeks to advance a partisan political agenda.”
For more information about today’s hearing, including the webcast and witness testimony, visit the Committee’s website. Read More
Washington, D.C. – House Speaker Paul Ryan (R-WI) today named Science, Space, and Technology Committee Chairman Lamar Smith (R-Texas) and Energy Subcommittee Chairman Randy Weber (R-Texas) to serve on a bipartisan conference committee charged with producing final legislation to modernize our energy laws to create more American jobs and a stronger economy. The conference with Senate lawmakers will yield the first comprehensive energy package in close to 10 years.
House Speaker Paul Ryan (R-WI): “Maximizing America’s energy potential is vital—not just for creating jobs and building our economy, but for strengthening America’s strategic leverage on the global stage.
“Unfortunately, outdated infrastructure and heavy-handed regulations are stopping us from achieving these goals. This legislation modernizes our energy infrastructure so we can address these and other urgent priorities for the country, from tackling California’s drought crisis to healing our forests in order to prevent wildfires.”
Conferees are responsible for reconciling S. 2012, the Energy Policy Modernization Act of 2016, and the House Amendment to S. 2012. The House Amendment contains provisions of the House passed America COMPETES Reauthorization Act of 2015 (H.R. 1806) and the Nuclear Energy Innovation Capabilities Act (H.R. 4084).
The America COMPETES Reauthorization Act of 2015 is a pro-science, fiscally responsible bill to keep America competitive and reestablish the federal government’s primary scientific role to fund basic research. H.R. 1806 was introduced by Chairman Lamar Smith (R-Texas) and cosponsored by Vice-Chair Frank Lucas (R-Okla.) and all five subcommittee chairs.
Chairman Lamar Smith (R-Texas): “We must make strategic investments in basic research and development to remain the global leader in science and innovation. The America COMPETES Reauthorization Act of 2015 prioritizes taxpayer investments in basic research without increasing overall federal spending. The reprioritization of basic research will help ensure future U.S. economic competitiveness and security. And it will spur private sector technological innovation. I look forward to working with Speaker Ryan, Chairman Weber and the other conferees on reconciling this legislation to set the right priorities for federal civilian research and keep America’s economy strong.”
The Nuclear Energy Innovation Capabilities Act, which passed the House as part of the National Defense Authorization Act in May 2016, is a bipartisan bill to support federal research and development (R&D) and stimulate private investment in advanced nuclear reactor technologies in the United States. It was introduced by Energy Subcommittee Chairman Randy Weber with cosponsors Chairman Smith, Energy Subcommittee Vice Chairman Steve Knight, and 26 additional cosponsors.
Energy Subcommittee Chairman Weber (R-Texas): “America must maintain our R&D capabilities, and continue to develop cutting edge nuclear technology here at home. Without the prioritization outlined in this bill, we’ll lose the ability to develop innovative nuclear technology and be left importing reactor designs from overseas. Right now, we have the best nuclear engineers and manufacturing capacity in the world. America’s export economy is a key to our global strength and this bill will provide a long term plan to ensure that we do not lose our talent.”
This legislation has strong support from members on both sides of the aisle as well as numerous outside organizations. Read More
Washington, D.C. – Chairman Lamar Smith (R-Texas) today called on the Obama administration to raise the travel alert to level three for Brazil, Colombia and other countries with high levels of Zika infections. His request came during a Science, Space, and Technology Committee hearing on the science of Zika. A level three travel warning acknowledges high risk to travelers and recommends avoiding all non-essential travel.
Witnesses including Dr. Kacey Ernst of the Department of Epidemiology and Biostatistics at the University of Arizona, Dr. Daniel Neafsey of the Genomic Center for Infectious Disease at the Broad Institute of MIT and Harvard, and Dr. Steven Presley of the Department of Environmental Toxicology at Texas Tech University testified that stricter travel advisories should be implemented and all non-essential travel to areas with high levels of the Zika virus should be avoided.
Watch the exchange here.
Chairman Lamar Smith (R-Texas): “These dangers raise serious questions about the administration’s handling of travel alerts. The CDC has issued only level two alerts for 49 countries and territories, which advise travelers to only ‘practice enhanced precautions.’ They have not issued any level three warnings to ‘avoid nonessential travel,’ as they did during the Ebola epidemic in West Africa.
“The World Health Organization (WHO) in February declared Zika a ‘Public Health Emergency of International Concern’ (PHEIC). Such declaration is reserved for a situation that is ‘serious, unusual or unexpected; carries implications for public health beyond the affected State’s national border; and may require immediate international action.’
“Why has the administration not raised the travel alert level for countries with the highest number of Zika infections, such as Brazil and Colombia? Is the administration so worried about attendance at the Olympics in Brazil this summer that they’re willing to endanger American lives by not providing better warnings? At the least, pregnant women should be told to avoid nonessential travel to Brazil and Colombia. Anything less is putting political correctness ahead of the well-being of American women.”
While the most common symptoms of Zika are fever, rash, joint pain and conjunctivitis, the illness has been linked to severe birth defects in pregnant women. Zika has also been linked to serious neurological impacts in some adults.
As of last week, the World Health Organization identified 270,000 suspected cases of the Zika virus across 60 countries and territories. The two countries with the highest number of Zika infections are Brazil and Colombia. The U.S. Centers for Disease Control and Protection (CDC) has identified 544 cases in the continental United States, all of which were acquired through travel to an affected area. Over 300 of these cases are pregnant women. Read More
Washington, D.C. – The Science, Space, and Technology Committee today approved the Networking and Information Technology Research and Development (NITRD) Modernization Act of 2016, sponsored by Rep. Darin LaHood (R-Ill.). The NITRD Program was originally authorized by the High Performance Computing Act of 1991. It is the federal government’s primary research portfolio on transformative high-end computing, high-speed networking, high capacity systems software, cybersecurity, and related advanced information technologies.
Chairman Smith (R-Texas): “In this digital age, it is critically important to protect our nation’s computer networking systems. This bill provides the coordinated R&D efforts necessary to improve cyber and data security nationwide. Better network security promotes U.S. competitiveness, enhances national security and creates high-tech jobs.”
This legislation encourages agencies to focus on research to better detect, prevent and recover from actions that compromise or threaten computer-based systems. In addition, this bill improves interagency coordination and rebalances research portfolios to focus on large-scale, long-term interdisciplinary projects.
Rep. Darin LaHood (R-Ill.): “As technology rapidly advances, the need for research and development continues to evolve. NITRD works to prevent duplicative and overlapping R&D efforts, thereby enabling more efficient use of government resources and taxpayer dollars, while also supporting new and innovative research and development efforts at our nation’s universities and through public-private partnerships.”
In October, the Science Committee held a hearing on the current state of the NITRD program. At the hearing, witnesses provided recommendations for how to improve and more tightly focus this $4.5 billion annual initiative. The Networking and Information Technology Research and Development (NITRD) Modernization Act of 2016 updates and clarifies legislation from last Congress to reflect these recommendations. Read More
WASHINGTON—An investigation by House lawmakers turned up “significant shortfalls” in a U.S. bank regulator’s cybersecurity policies, leaving it susceptible to stolen private information and regulatory data, House Republicans said Tuesday.
Following a subcommittee hearing earlier this month on seven cybersecurity breaches at the Federal Deposit Insurance Corp., new information obtained by the House Committee on Science, Space, and Technology indicates the agency may have misrepresented cybersecurity policies, hid information from lawmakers, and has a culture of obstructing whistleblowers.
“This information raises serious concerns about whether additional data breaches have occurred without detection due to inherent weaknesses in the FDIC’s system used to monitor data breaches,” Reps. Lamar Smith (R., Texas), chairman of the House Committee on Science, Space and Technology, and Barry Loudermilk (R., Ga.), chairman of the subcommittee on oversight, wrote in a joint letter Tuesday to FDIC Chairman Martin Gruenberg seen by The Wall Street Journal.
At the earlier hearing, the agency’s chief information officer and chief privacy officer, Lawrence Gross, testified that the FDIC has a “strong information security program to identify events that could signal a data security incident.” But the committee’s GOP leaders said evidence suggests the agency doesn’t monitor current employees’ computer activities, including whether they download sensitive information on portable devices.
“This leaves important information, including personally identifiable banking information for millions of Americans and banks’ living wills vulnerable to data breaches by FDIC employees, who currently have access to sensitive information at the agency,” Mr. Loudermilk wrote, referencing bank documents that explain how a bank could go through bankruptcy without relying on taxpayer money.
The committee asked Mr. Gruenberg to testify on July 14 and sought more documents and transcribed interviews with individuals who have been involved with the agency’s production of requested materials.
A spokeswoman for the FDIC declined to comment on the letter, which wasn’t the first sent to the agency by the House committee. Last Thursday, the committee sent a letter to Mr. Gross regarding his testimony during this month’s hearing.
Since October 2015, the FDIC has disclosed to Congress seven breaches that occurred as employees left the agency, taking sensitive data with them. The incidents potentially exposed private personal information of nearly 160,000 Americans. At the May hearing, Mr. Gross testified it was a coincidence that all of the events reported to Congress in the last three months involved employees leaving the FDIC.
The inspector generals of both the Federal Reserve and the FDIC are conducting a separate investigation into leaked information tied to the results of banks so-called living wills.
Mr. Gross said the agency is taking steps to better defend itself against cyberattacks, including eliminating the use of portable storage devices like flash drives or CDs by employees. The agency is also upgrading software to better protect sensitive information and is undertaking a review of all security policies for all departing employees, he said.
Cybersecurity increasingly has been an issue for financial regulators. Earlier this month, the agency’s inspector general released a 2013 report showing that cybercriminals hacked into nearly 100 computers at the FDIC, stealing bank customers’ personal information. The breaches, which occurred between 2010 and 2011, included a dozen computers used by FDIC executives, including Sheila Bair, who was the agency’s chairwoman at the time.
The bank regulator doesn’t keep tabs on current employees, according to the committee’s investigation. That is in part because the program used to oversee such activities is “incapable” of detecting if an employee copies, downloads, or otherwise transfers encrypted FDIC information, the committee learned.
Mr. Loudermilk’s letter also echoed a criticism made by Republican lawmakers during the May 12 hearing. The FDIC, he wrote, has “repeatedly” tried to keep information from Congress, pointing to heavily redacted documents in response to the committee’s request for information. Information that was cut included identifying the employee responsible for the October 2015 security breach in Florida.
In its letter, the committee requested all documents be “preserved” to ensure a “full and complete record” could be made available in the event of future document requests. Among other things, it asked the FDIC to keep emails, electronic documents, handwritten notes, and data created since Jan. 1, 2009.
Information obtained by the committee shows the agency instructed employees “to avoid placing things in writing, including information related to the agency’s data breaches.”
“If true, these allegations raise serious concerns about whether the agency is attempting to circumvent federal records requirements, diminish the universe of information that could be responsive to congressional requests, and ultimately hide the truth from congressional overseers,” according to Mr. Loudermilk’s letter.
The committee also asked the agency to notify former employees who may have access to such electronic records to halt any practice to destroy or alter such electronic records.
The committee also requested interviews with nine employees at the agency who had been tapped to procure materials tied to the security breach. They include Roberta McInerney, deputy general counsel for consumer and legislation, Andy Jiminez, director of legislative affairs, and Roderick Toms, acting chief information security officer, information security and privacy staff. Read More
Committee Print of H.R. ____, the “Networking and Information Technology Research and Development Modernization Act of 2016”, approved by voice vote
Manager's Amendment, offered by Mr. Smith (R-Texas), approved by voice vote
Lipinksi (095), offered by Mr. Lipinksi (D-IL), approved by voice vote
The House Committee on Science, Space and Technology is giving the FDIC chairman and CIO a chance to revise the latter’s testimony from a May 12 hearing investigating the corporation’s response to several major data breaches and failure to report the incidents to Congress.
During that hearing, FDIC CIO Larry Gross told lawmakers the seven breaches — all of which involved outgoing employees leaving the agency with tens of thousands of sensitive records, affecting a combined 160,000 individuals — were inadvertent, not malicious and, in his assessment, didn’t rise to the level of “major” breach.
Gross and FDIC officials ultimately agreed with the inspector general’s ruling that these incidents do deserve the “major” designation and retroactively reported all seven to Congress.
However, lawmakers were not satisfied and opened an investigation into the FDIC’s response policies, which included the May 12 public hearing. After that initial hearing, Committee members still aren’t satisfied with what they’re calling the FDIC’s “lackluster response to the Committee’s document requests” and Gross’ “false and misleading” testimony.
“Witnesses who purposely give false or misleading testimony during a congressional hearing may be subject to criminal liability,” Committee Chairman Lamar Smith, R-Texas, and Oversight Subcommittee Chairman Barry Loudermilk, R-Ga., wrote in a May 19 letter to FDIC Chairman Martin Gruenberg. “With that in mind, we write to request that Mr. Gross correct the record and to implore him to be truthful with the American public about matters related to FDIC cybersecurity breaches.”
The letter requests clarification on a number of points but two stand out: Whether a particular breach was truly caused by the employee’s lack of technical skill and discrepancies between the CIO and IG’s responses to the documents request.
Mastery of IT
While the May 12 hearing addressed seven separate incidents in which outgoing employees left with sensitive FDIC data, much of the questioning focused on a breach that has become known internally as “the Florida incident.”
According to an IG report obtained by Federal Times, the Florida incident involved an employee downloading tens of thousands of records from her FDIC computer onto a portable hard drive before leaving the corporation for a job in the private sector.
While the IG report that spurred the FDIC to report the incident to Congress stated that the incident met the 10,000-record threshold, sources tell Federal Times the total number was actually upwards of 35,000.
In his testimony, Gross told the Committee this incident was “inadvertent” and primarily the result of the employee’s lack of proficiency with technology.
While that might have been true in some of the breaches, the former employee at the center of the Florida incident holds a master’s degree in IT management. Further, the May 19 letter asserts that Gross would have known this person’s credentials.
“Mr. Gross’ claim that the employee in question was not computer proficient raises serious questions regarding whether his testimony was intentionally misleading,” the letter states. “Considering the employee holds a master’s degree in information technology, it is troubling that she told the agency that she did not own an external hard drive or even know what an external hard drive is. Serious questions are raised when an FDIC employee holding a master’s degree in technology denies even knowing about basic computer technology and Mr. Gross, the CIO, believes the story.”
CIO’s response to documents request
During the May 12 hearing, Loudermilk noted the discrepancy between the number of documents provided by the CIO’s office and the number provided by the IG.
When he showed Gross the two stacks of paper side-by-side, the CIO told the Committee much of the IG’s response was duplicative, citing multiple instances of the FDIC’s breach response policy.
In the May 19 letter, Loudermilk and Smith take issue with this assertion, stating the IG provided 883 “individually unique responsive documents,” compared with the CIO’s 88.
“It appears that Mr. Gross only wanted to provide the Committee with testimony that supported his narrative and was prepared to only discuss examples that were cherry picked from the OIG’s document production,” the letter states.
The lawmakers also criticized FDIC’s legal department for limiting the scope of the CIO’s response.
During the hearing, Gross told the Committee he was not aware of any documents that were not provided or any attempt to limit the response. The letter cites information obtained by the Committee that directly contradicts this statement.
“It appears that officials in FDIC’s legal department tasked with scoping the document request reached out to Mr. Gross’ office with their proposal to limit the universe of responsive documents,” according to the letter. “Mr. Gross apparently agreed with the legal department’s scoping of the request given that the documents received by the Committee were only a fraction of the universe of responsive documents.”
The letter contends that FDIC officials continue to withhold information from the Committee and urged them to provide all relevant documents.
The Committee asked the FDIC to respond to these issues and two other discrepancies in Gross’ testimony by May 25. An FDIC spokesperson told Federal Times the corporation received the letter and plans to respond to the Committee but declined to comment on the allegations therein.
The Committee also plans to hold additional hearings to hear about the IG’s review of the agency’s cybersecurity policies and incident response, an ongoing criminal investigation and receive comments directly from Chairman Gruenberg. Read More