This week, the House of Representatives is expected to take up a controversial bill intended to enhance information sharing between the government and the private sector in an effort to improve the nation’s cybersecurity.
In an 18-2 vote, the House Intelligence Committee on Wednesday approved a revised version of the Cyber Intelligence Sharing and Protection Act (CISPA), which was reintroduced in February by Reps. Mike Rogers (R-Mich.) and Dutch Ruppersberger (D-Md.) after passing the House last April, but failing in the Senate in August.
“Through hard work and compromise, we have produced a balanced bill that provides strong protections for privacy and civil liberties, while enabling effective cyber-threat sharing,” Rogers said in a statement. “The decisiveness of the vote shows the tremendous bipartisan support for this bill.”
But despite revisions made to CISPA over the course of a year, privacy advocates are still concerned that the legislation could unjustly hold private sector companies accountable for certain disclosures made to the government, or for unintentionally misusing cyber threat information provided by the government.
“We support the intent of the Cyber Intelligence Sharing and Protection Act, but we are disappointed in some aspects of it and believe that it can be improved to better protect privacy and civil liberties, while still working effectively to enhance cybersecurity,” Democratic Reps. Jim Himes (Conn.), Adam Schiff (Calif.), Jan Schakowsky (Ill.) and Luis Gutiérrez (Ill.) wrote in an addendum.
The group went on to write that they were “concerned that the liability shield provided in the bill is overly broad and fails to provide reasonable protections for consumers.”
Headed to the floor for a full House vote as early as this week, CISPA is also facing scrutiny from the White House over privacy uncertainties.
“We continue to believe that information sharing improvements are essential to effective legislation, but they must include privacy and civil liberties protections, reinforce the roles of civilian and intelligence agencies, and include targeted liability protections,” Caitlin Hayden, a National Security Council spokeswoman, said in a statement according to the Los Angeles Times. “We believe the adopted committee amendments reflect a good-faith effort to incorporate some of the Administration’s important substantive concerns, but we do not believe these changes have addressed some outstanding fundamental priorities.”
Though it’s unclear whether President Obama would veto the bill if it made its way to his desk, the White House’s statement on CISPA came the same day the president unveiled his budget proposal for fiscal year 2014.
Under the proposal, Obama moved to raise the Defense Department’s cyber budget to $4.7 billion, according to Reuters, increasing the cyber spending limit by $800 million – up from $3.9 billion in FY 2013.
