Menu
Senate heads toward vote on CISA cyberthreat info sharing bill

Senate heads toward vote on CISA cyberthreat info sharing bill

A preliminary vote on the controversial bill could happen as soon as Wednesday

The U.S. Senate could take a preliminary vote as soon as Wednesday on a controversial bill intended to encourage businesses to share cyberthreat information with each other and with government agencies, despite concerns that the legislation would allow the widespread sharing of personal customer data.

Senate leaders are attempting to iron out compromise language to address privacy concerns in the Cybersecurity Information Sharing Act (CISA), but if no compromise is reached Senate Majority Leader Mitch McConnell will schedule a so-called cloture vote on Wednesday morning, said a spokesman for McConnell, a Kentucky Republican.

A cloture vote would limit debate on the bill and move the Senate toward final passage, potentially before the Senate leaves for a four-week summer recess this weekend.

CISA would protect from customer lawsuits businesses that share cyberthreat information, but privacy groups have opposed the bill, saying it would allow businesses to share customers' personal information with the National Security Agency and other intelligence agencies.

CISA would be a "trigger" for the NSA to target U.S. residents for surveillance, Jonathan Mayer, a security researcher and lawyer at Stanford University, said last week.

In a letter sent last week, the Department of Homeland Security also raised privacy concerns.

CISA could "contribute to the compromise of personally identifiable information by spreading it further", by mandating that DHS, the agency that would receive most of the shared cyberthreat information, share that information in real time without scrubbing out personal data, the agency said in its letter.

Privacy groups criticized the move toward a vote in the Senate after a recent campaign against the bill resulted in more than 6 million faxes sent to Congress.

Digital rights group Access is "deeply disappointed that Leader McConnell has chosen to ignore the will of the people and push ahead with consideration of this deeply flawed cybersurveillance bill before the August recess," Amie Stepanovich, U.S. policy manager for the group, said by email. "Any senator who values privacy and security must reject this attempt to sacrifice both at the altar of increased surveillance and corporate liability protections."

Supporters of CISA say the legislation is needed to stimulate a cyberthreat information sharing culture among U.S. businesses. Many businesses are reluctant to share information because of potential customer lawsuits, said former U.S. Representative Mike Rogers, sponsor of the controversial Cyber Intelligence Sharing and Protection Act (CISPA), a similar bill that failed to become law after President Barack Obama threatened to veto it.

CISA is the "one piece of legislation" that could help fix the U.S. cybersecurity weaknesses, Rogers said during a cybersecurity event Monday. "If we can share malicious source code in real time -- machine to machine, zeroes and ones in light speed -- we might be able to put a dent in this."

The concerns from DHS over CISA means "our own government is going to work against itself over the details over how we come up with a cybersharing regime," Rogers added.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is grant_gross@idg.com.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags governmentprivacylegislationdata protectionAccessU.S. SenateMike RogersJonathan MayerAmie StepanovichMitch McConnellU.S. National Security AgenyU.S. Department of National Security

Featured

Slideshows

Malwarebytes shoots the breeze with channel, prospects

Malwarebytes shoots the breeze with channel, prospects

A Kumeu, Auckland, winery was the venue for a Malwarebytes event for partner and prospect MSPs - with some straight shooting on the side. The half-day getaway, which featured an archery competition, lunch and wine-tasting aimed at bringing Malwarebytes' local New Zealand and top and prospective MSP partners together to celebrate recent local successes, and discuss the current state of malware in New Zealand. This was also a unique opportunity for local MSPs to learn about how they can get the most out of Malwarebytes' MSP program and offering, as more Kiwi businesses are targeted by malware.

Malwarebytes shoots the breeze with channel, prospects
EDGE 2019: Channel forges new partnerships during evening networking

EDGE 2019: Channel forges new partnerships during evening networking

Partners, vendors and distributors reconnected during a number of social gatherings during EDGE 2019. The first evening saw the channel congregate for a welcome party at the Hamilton Island yacht club, while the main poolside proved to be the perfect stop for a barbecue on the final night.

EDGE 2019: Channel forges new partnerships during evening networking
Show Comments