The controversial cybersecurity proposal that promotes information sharing between government and industry is one step closer to becoming reality, after a House panel yesterday amended the bill during a markup session. The bill is now headed to the House floor for a vote, possibly as early as next week.
The Permanent Select Committee on Intelligence on April 10 adopted six amendments and passed the H.R. 624, the Cyber Intelligence Sharing and Protection Act of 2013, with an 18-2 vote. Better known as CISPA, the bill aims to promote greater cooperation between the federal and private sectors by making it easier to share information on cyber threats.
Privacy advocates and other opponents of CISPA have maintained the bill gives the government too much control over the Internet and jeopardizes citizens’ sensitive information and data. In yesterday’s session, Ranking Member Dutch Ruppersberger (D-Md.) addressed some of those concerns, saying the implementation of the new amendments “shows a true commitment to making our bill better and improving privacy and civil liberties protections.”
The amendments include a provision that would limit the private sector’s use of any cybersecurity information received only to a cybersecurity use purpose. The committee also removed the bill’s “national security” use to narrow the government’s authorized uses of cyber threat information shared by the private sector.
“This bill takes a solid step toward helping American businesses protect their networks from … cyber looters,” Rep. Mike Rogers (R-Mich.), committee chairman, said in a statement. “Through hard work and compromise, we have produced a balanced bill that provides strong protections for privacy and civil liberties, while enabling effective cyber-threat sharing. The decisiveness of the vote shows the tremendous bipartisan support for this bill.”
Rep. Jan Schakowsky, one of two representatives who voted against CISPA, said the current version still lacks “balance.” None of her three amendments offered during the markup session to strengthen privacy protections were adopted.
“I strongly agree with the need to enact effective cybersecurity legislation, and commend the bipartisan effort of the House intelligence committee, but this bill doesn’t sufficiently protect individual privacy rights,” she said in a statement.
Mark M. Jaycox, policy analyst with the Electronic Frontier Foundation, echoed Schakowsky’s sentiments, saying the new amendments do not fix the fundamental privacy problems with the legislation.
“With this newest version of the bill, the chairman’s stance against ensuring privacy protections in CISPA is clear,” he told FedScoop. “More so, the members voted down amendments from Reps. [Adam] Schiff and Schakowsky that would’ve fixed some of the major problems voiced by privacy advocates.”
Under the current bill, companies can hand over potentially sensitive and private information to intelligence agencies, he said. The bill also still encourages the collection of this information by private companies, something Jaycox said furthers “a private surveillance system where user data is sent straight to the government.”
“CISPA still contains core privacy problems,” he said. “And the chairman’s stance against ensuring both security and privacy is shown by his attitude toward core privacy protective amendments that were offered at the hearing.”