House approves CISPA
Debate about a controversial cybersecurity bill moves now to the Senate following the House's April 26 passage of the Cyber Intelligence Sharing and Protection Act.
The bill (H.R. 3523) has garnered considerable opposition from privacy and civil liberties groups as well as a possible threat of veto from the White House. The version approved by the House in a 248-168 vote split mainly, but not absolutely, along party lines with most Republicans favoring it, includes some amendments meant to address concerns. Forty two Democrats voted for it, while 28 Republicans opposed it.
An amendment (.pdf) sponsored by Rep. Bob Goodlatte (R-Va.) that narrows the definition of information that can be shared under CISPA became a part of the bill after a vote of 414-1.
The House also approved an amendment (.pdf) sponsored by Rep. Ben Quayle (R-Ariz.) restricting usage of cyber threat information shared by the private sector with the government cybersecurity purposes and the investigation and prosecution of cybersecurity crimes, as well as in investigations and prosecutions involving serious bodily harm or for the protection of minors from child pornography or serious physical threats, and to "protect the national security of the United States" by a vote of 410-3.
However, the House did not go far enough for most critics. It would still allow the "unfettered sharing of private communication with the government," permit that information to go to the National Security Agency and still let the government use the information for too-broad purposes, said the Center for Democracy and Technology in a statement. The American Civil Liberties Union and the Electronic Frontier Foundation also issued statements denouncing the bill.
The bill's fate in the Senate is uncertain, since there's no direct counterpart in the other chamber. The nearest equivalents are a bill (S. 2105) sponsored by Sens. Joe Lieberman (I-Conn.) and Susan Collins (R-Collins) that administration officials have indicated support for, as well as a bill (S. 2151) sponsored by Sen. John McCain (R-Ariz.) that has yet to clear the Senate Commerce, Science and Transportation Committee.
Meanwhile, in a move that's being interpreted as a withdrawal of support, Microsoft issued a statement April 27 stating that it believes cybersecurity information sharing legislation should facilitate information sharing "in a manner that allows us to honor the privacy and security promises we make to our customers."
- go to the THOMAS page for CIPSA
White House threatens CISPA veto
CISPA sponsors say they'll further amend bill to address privacy concerns
White House emphasizes need for privacy protection in cybersecurity bills
CISPA sponsors narrow bill