The legislation was reported by the Senate Intelligence Committee by a bipartisan vote of 14-1 on March 3 and was passed by the Senate on Tuesday by a bipartisan vote of 74 to 21.
Advertisement
The Senate rejected several amendments before passing the bill, including one addressing concerns that companies could give the government personal information about their customers. Tom Cotton, R-Ark. and Chris Coons, D-Del., were also heavily defeated, but a managers’ amendment — a package of changes backed by the bill’s authors – passed, as did the whole bill.
The Wyden Amendment, put forth by Sen.
Techdirt has a list of all Senators who voted for and against the bill. In addition, HITRUST said the legislation offers companies safe harbor against “frivolous lawsuits” when they share threat information and when implementing plans to mitigate attacks. It allows corporations to share information with the government that’s deemed important to national security, and is created to prevent the sharing of irrelevant information – or, in better terms, “everything else”.
Under CISA, there would be clear legal protections around what information is permissible to share while protecting consumer privacy. “Because of their efforts, a few of this bill’s worst flaws have been removed, and I encourage them to keep making their voices heard so that more of its flaws will be addressed”.
The bill must now be reconciled with two similar information-sharing measures that passed the House earlier this year.
Electronic Frontier Foundation said the bill is “fundamentally flawed due to its broad immunity clauses, vague definitions and aggressive spying authorities”. Apple, Salesforce, Twitter and Reddit are among individual companies opposed.
“The passage of CISA reflects the misunderstanding many lawmakers have about technology and security”. A trade group representing Facebook, Google, and others said it is “unable to support CISA as it is now written”.
Additionally, CISA recognizes the importance of a health industry specific cybersecurity framework as well as associated guidance and best practices, leveraging industry standards that are developed through a public and private process.
While Luddites in the Senate actually seem to think the bill helps protect the country from cybersecurity threats, countless groups and experts like the EFF argue it does nothing of the sort.
The security industry also lobbied against the against the bill.
Advertisement
When the Department of Homeland Security says you’ve gone too far, it’s time to listen. It must now do the same in the House before being either signed into law or vetoed by the President.
