Senate committee advances CISA cybersecurity bill

The Senate Intelligence Committee recently advanced the Cyber Information Sharing Act, moving the legislation closer to reaching floor debate. This debate is likely to prove contentious, as CISA is a controversial, polarizing effort to improve the nation's cybersecurity.

Two sides
The bill, which passed by a 12-3 committee vote, is lauded by supporters as an important, necessary step. The legislation aims to improve relations between government agencies and companies as they strive to counter cyberattackers. To this end, it encourages data sharing between the private and public sector by, among other things, protecting businesses from lawsuits in the event they willingly reveal cyberthreat-related information.

"To strengthen our [computer] networks, the government and private sector need to share information about attacks they are facing and how best to defend against them," said Sen. Dianne Feinstein (D-Calif.), the committee chair. "This bill provides for that sharing through a purely voluntary process and with significant measures to protect private information."

However, many groups worry that CISA poses a significant threat to individuals' privacy. InformationWeek noted that the American Civil Liberties Union, Center for Democracy and Technology and numerous other advocacy groups sent a letter to Feinstein and Sen. Saxby Chambliss (R-Ga.), vice chair of the Senate Intelligence Committee, explaining their concerns and arguing that CISA fails to reckon with the NSA's data gathering behavior.

"Instead of reining in NSA surveillance, the bill would facilitate a vast flow of private communications data to the NSA," the letter stated, according to the news source. "CISA omits many of the civil liberties protections that were incorporated, after thorough consideration, into the cybersecurity legislation the Senate last considered."

InformationWeek also noted that a petition against CISA's House-passed counterpart, the Cyber Intelligence Sharing and Protection Act, received more than 117,000 signatures. The White House also threatened to veto this legislation.

Expressing privacy concerns, both Senators Ron Wyden (D-Or.) and Mark Udall (D-Co.) opposed CISA. In a joint statement, the senators explained that while greater cybersecurity efforts are needed and that information-sharing between the public and private sector is essential, this legislation lacks sufficient protections for Americans' constitutional right to privacy.

Despite these objections, Chambliss asserted that CISA "is a strong, bipartisan bill," the Washington Post reported. Chambliss further argued that the Senate should aim to pass the legislation before the August recess.