The Senate passed a cybersecurity bill Tuesday focusing on strengthening cyber defenses in the country. The bill would also provide companies legal immunity for sharing their data with the federal government, despite lawmakers’ and consumer advocates’ protests concerning the protection of Americans’ privacy. This is the real first attempt at combating computer hacks in Congress.
The Cybersecurity Information Sharing Act (CISA), which would expand liability protections to companies that voluntarily share cyber-threat data with the government, must now be reconciled with legislation that was passed by the House of Representatives earlier this year. The bill cleared the Senate with a 74-21 vote and strong bipartisan backup, The Washington Post reports.
Lawmakers in both parties and the Obama administration have been trying to enact information-sharing legislation for years. It seems like they might finally get what they wanted and at a time when the number of security breaches have skyrocketed.
“For me this has been a six year effort…and it hasn’t been easy because what we tried to do was strike a balance and make the bill understandable so that there would be a cooperative effort to share between companies and with the government,” Sen. Dianne Feinstein (D-Calif.), co-author of the bill and vice-chairman of the Intelligence Committee said.
The White House announced their plan to support the bill last week; however, it stated that some things needed to be tweaked before the bill landed on Obama’s desk, Huffington Post reports. A round of amendments intended to make some of the bill’s privacy protections better was introduced Tuesday, but the bill’s bipartisan sponsors claimed last-minute changes would disrupt the bill’s language and the years of work put into it.
CISA was a proposal that faded away in the Senate over the years. Why? Many private groups, civil liberties groups and tech giants were concerned that their personal information would fall into the hands of the National Security Agency or that their information would be shared with other government agencies. They continue to fear that the bill will become one of secret surveillance that is beneficial for the Intelligence community.
Apple spoke up against the bill. “We don’t support the current CISA proposal,” the company said in a statement last week. “The trust of our customers means everything to us and we don’t believe security should come at the expense of their privacy.”
But businesses have argued against concerns claiming that information-sharing law is needed so that the private sector will cooperate more closely with the government on minimizing cyber threats without fear of lawsuits. IBM’s vice president for technology policy at their government and regulatory affairs office, Timothy J. Sheehy, said in a statement that “sharing technical details on the latest digital threats is critical to strengthening America’s cyberdefenses. Online criminals actively share information to penetrate networks, steal vital economic and national security data and compromise the personal information of millions of Americans.”
CISA skeptics have said that the bill won’t do much to protect against huge security breaches like Sony Pictures’ last year. And even some of the supporters have said that the bill is only a small step toward strengthening the U.S. cyber defenses.
Senate Democratic leader Harry Reid said that the bill was “far too weak” on Tuesday.