Menu
Senate heads toward vote on CISA cyberthreat info sharing bill

Senate heads toward vote on CISA cyberthreat info sharing bill

A preliminary vote on the controversial bill could happen as soon as Wednesday

The U.S. Senate could take a preliminary vote as soon as Wednesday on a controversial bill intended to encourage businesses to share cyberthreat information with each other and with government agencies, despite concerns that the legislation would allow the widespread sharing of personal customer data.

Senate leaders are attempting to iron out compromise language to address privacy concerns in the Cybersecurity Information Sharing Act (CISA), but if no compromise is reached Senate Majority Leader Mitch McConnell will schedule a so-called cloture vote on Wednesday morning, said a spokesman for McConnell, a Kentucky Republican.

A cloture vote would limit debate on the bill and move the Senate toward final passage, potentially before the Senate leaves for a four-week summer recess this weekend.

CISA would protect from customer lawsuits businesses that share cyberthreat information, but privacy groups have opposed the bill, saying it would allow businesses to share customers' personal information with the National Security Agency and other intelligence agencies.

CISA would be a "trigger" for the NSA to target U.S. residents for surveillance, Jonathan Mayer, a security researcher and lawyer at Stanford University, said last week.

In a letter sent last week, the Department of Homeland Security also raised privacy concerns.

CISA could "contribute to the compromise of personally identifiable information by spreading it further", by mandating that DHS, the agency that would receive most of the shared cyberthreat information, share that information in real time without scrubbing out personal data, the agency said in its letter.

Privacy groups criticized the move toward a vote in the Senate after a recent campaign against the bill resulted in more than 6 million faxes sent to Congress.

Digital rights group Access is "deeply disappointed that Leader McConnell has chosen to ignore the will of the people and push ahead with consideration of this deeply flawed cybersurveillance bill before the August recess," Amie Stepanovich, U.S. policy manager for the group, said by email. "Any senator who values privacy and security must reject this attempt to sacrifice both at the altar of increased surveillance and corporate liability protections."

Supporters of CISA say the legislation is needed to stimulate a cyberthreat information sharing culture among U.S. businesses. Many businesses are reluctant to share information because of potential customer lawsuits, said former U.S. Representative Mike Rogers, sponsor of the controversial Cyber Intelligence Sharing and Protection Act (CISPA), a similar bill that failed to become law after President Barack Obama threatened to veto it.

CISA is the "one piece of legislation" that could help fix the U.S. cybersecurity weaknesses, Rogers said during a cybersecurity event Monday. "If we can share malicious source code in real time -- machine to machine, zeroes and ones in light speed -- we might be able to put a dent in this."

The concerns from DHS over CISA means "our own government is going to work against itself over the details over how we come up with a cybersharing regime," Rogers added.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is grant_gross@idg.com.


Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags Mitch McConnellU.S. Department of National SecurityU.S. SenatelegislationgovernmentMike RogersU.S. National Security Agenydata protectionprivacyAccessJonathan MayersecurityAmie Stepanovich

Featured

Slideshows

Sizing up the NZ security spectrum - Where's the channel sweet spot?

Sizing up the NZ security spectrum - Where's the channel sweet spot?

From new extortion schemes, outside threats and rising cyber attacks, the art of securing the enterprise has seldom been so complex or challenging. With distance no longer a viable defence, Kiwi businesses are fighting to stay ahead of the security curve. In total, 28 per cent of local businesses faced a cyber attack last year, with the number in New Zealand set to rise in 2017. Yet amidst the sensationalism, media headlines and ongoing high profile breaches, confusion floods the channel, as partners seek strategic methods to combat rising sophistication from attackers. In sizing up the security spectrum, this Reseller News roundtable - in association with F5 Networks, Kaspersky Lab, Tech Data, Sophos and SonicWall - assessed where the channel sweet spot is within the New Zealand channel. Photos by Maria Stefina.

Sizing up the NZ security spectrum - Where's the channel sweet spot?
Kiwi channel comes together for another round of After Hours

Kiwi channel comes together for another round of After Hours

The channel came together for another round of After Hours, with a bumper crowd of distributors, vendors and partners descending on The Jefferson in Auckland. Photos by Maria Stefina.​

Kiwi channel comes together for another round of After Hours
Show Comments