Senate to battle today on controversial CISA cyber security bill

Critics of the bill say it is designed to collect personal data on people

Senate to battle Tuesday on controversial CISA cybersecurity bill

The Senate will battle over CISA on Tuesday

Credit: IDGNS

The U.S. Senate is scheduled to consider early today the Cybersecurity Information Sharing Act of 2015, a controversial bill that is intended to encourage businesses to share information about cyber threats with the government by providing them immunity from customer lawsuits.

The CISA bill has been criticized by civil rights groups and some companies in the technology industry, which claim the proposed legislation, dubbed a surveillance bill in disguise, provides loopholes for government intelligence agencies like the National Security Agency to get access to personal information of users.

The bill has powerful backers though, including industry groups, many lawmakers and the White House, which believe the legislation is necessary in the wake of a large number of recent cyber attacks on companies and government agencies.

Of particular concern to privacy groups is a provision in CISA that allows for the direct sharing of information with agencies without the Department of Homeland Security performing its traditional lead role in this regard. The DHS opposed this provision in a letter in July to Senator Al Franken, a Democrat from Minnesota, saying it would be inefficient and affect user privacy.

The administration of President Barack Obama has backed the sharing of cyber threat information with the federal government but said it would support it being routed through the DHS and then disseminated in "real time" to other agencies with appropriate privacy protections. The provision for real-time sharing has been criticized by privacy groups as there is concern that current DHS privacy protections won’t be applied to the information.

The Senate will convene at 10:00 am on Tuesday and consider amendments to the bill, which have been proposed by both its backers and opponents. Senator Ron Wyden, a Democrat from Oregon and a strong privacy advocate, has proposed an amendment to improve the requirements relating to removal of personal information from cyber threat indicators before sharing.

In contrast, Senator Tom Cotton, a Republican from Arkansas, will push for liability protection for businesses that share cyber threats with the Federal Bureau of Investigation and the Secret Service. This amendment will likely prove to be divisive as it would run counter to the views of the Obama administration and those of privacy advocates over the intermediary role of the DHS.

Cotton wants to allow businesses that  have established threat-sharing relationships with the FBI or Secret Service "to maintain their existing channels for sharing without incurring significant costs and delays to establish new ones with DHS."

After considering the amendments, the Senate could try to pass the bill. Fight For the Future, an advocacy group opposed to CISA, said in a Reddit AMA (Ask Me Anything)  on Monday that "fortunately, CISA isn't law yet, but it will have its final Senate vote this week and we need a dozen more senators to vote against it." It has called on people to contact their legislators to convey their opposition to the bill.

To comment on this article and other InfoWorld content, visit InfoWorld's LinkedIn page, Facebook page and Twitter stream.
From CIO: 8 Free Online Courses to Grow Your Tech Skills
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.