House approves CISPA despite privacy objections
The bill still needs to pass the Senate and get Obama's signature before becoming law
IDG News Service - The U.S. House of Representatives has voted to approve a controversial cyberthreat information-sharing bill, despite opposition from the White House and several privacy and digital rights groups.
The House on Thursday voted 288-127 to approve the Cyber Intelligence Sharing and Protection Act (CISPA), a bill that would allow U.S. intelligence agencies to share cyberthreat information with private companies. It would also shield private companies that voluntarily share cyberthreat information with each other and with government agencies from privacy lawsuits brought by customers.
The bill would still need to be passed by the U.S. Senate before heading to President Barack Obama for his signature. The Senate declined to act on another version of CISPA during the last session of Congress, and earlier this week, Obama's advisors threatened a veto, although that was before the House approved a handful of amendments intended to address privacy concerns.
CISPA would allow private companies to share a broad range of customer data with each other and with government agencies, privacy groups have complained.
Supporters, however, argued the legislation is needed to encourage better information sharing about active cyberattacks, resulting in better defense of U.S. networks. Federal law now prohibits intelligence agencies from sharing classified cyberthreat information with private companies.
The bill will help protect the U.S. against cyberattacks from China, Iran and other countries, supporters said. Cyberespionage has cost the U.S. tens of thousands of jobs, as foreign companies steal the blueprints of U.S. products, said Representative Mike Rogers, a Michigan Republican and primary sponsor of CISPA.
"If you want to take a shot across China's bow, this is the answer," he said to applause on the House floor.
The bill correctly balances privacy concerns with the need for security, added Representative Dan Maffei, a New York Democrat. Rogue nations and "even independent groups like WikiLeaks" are taking aggressive measures to attack the U.S. power grid, air-traffic control systems and customer financial data, he said.
"Every day, international agents, terrorists and criminal organizations attack the public and private networks of the United States," he said. "While I do always have some concern that the U.S. government may access our private information in the cyber sphere, I am more concerned that the Chinese government will access our private information."
The House on Thursday voted for a handful of amendments to the bill intended to improve privacy protections in the bill. Lawmakers approved an amendment designating the U.S. Department of Homeland Security and U.S. Department of Justice as the primary repositories of cybertheat information shared by private companies, addressing a concern by several privacy groups that CISPA would give the U.S. National Security Agency unfettered access to customer data.
- Mission Critical: Managing Mobile Applications & Content Smartphones, tablets and other mobile devices have become embedded in enterprise processes, thanks to the consumerization of IT and a new generation of...
- Securing Mobility, From Device to Network At one time, the process of managing and securing mobile devices and applications was fairly straightforward. Most organizations worried about one application (email)...
- Planning for Mobile Success Many organizations are seeing clear and quantifiable benefits from the deployment of mobile technologies that provide access to data and applications any time,...
- The Challenges and Opportunities of Mobile Application Development Nearly all business users now demand mobile devices--their own or company-owned--along with anywhere access to corporate applications and data. What turns mobile devices...
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their... All Gov't Legislation/Regulation White Papers | Webcasts