Tomas O’Keefe Senior Analyst
Yesterday, the House of Representatives passed H.R. 624, the Cyber Intelligence Sharing and Protection Act, more widely known as CISPA by a vote of 288 to 127. The House had attempted passage last year of the controversial bill, but privacy concerns derailed the act and it never came to vote in the Senate. Ostensibly, the bill is designed to enable government and businesses to share information on cyber threats and enhance the protection of U.S. business interests. Privacy advocates have protested the bill, noting insufficient protections within the bill to safeguard Americans from warrantless searches and other potential conflicts with the 4th Amendment. While the House has passed the bill, support is lukewarm in the Senate at best, and unlikely to leave committee due to the already conflicted Senate legislative agenda. Additionally, the White House has voiced serious objections over the bill, to the point where President Obama has threatened to veto its passage, so CISPA seems, at this point, to be nearly dead on arrival.
Obviously, cybersecurity and the protection of U.S. intellectual property has got to be a major objective of legislation going forward, particularly with the dramatic increase in and technological sophistication of cyber and advanced persistent threats. However, groups like the ACLU and the Electronic Frontier Foundation (EFF) have the ear of the President and Democrats and Republicans alike that the privacy concerns associated with the current iteration of the bill are valid and need to be addressed before legislation can move forward. Several amendments offered in the House that would have addressed these privacy concerns, for example one that would have required businesses to strip customers’ personally identifiable information before transmitting data to the government, were not allowed to be voted on. Until these concerns are adequately addressed, I wouldn’t expect to see CISPA moving forward anytime soon.