But while routine intrusions and attacks against government and corporate networks during the a year ago led lawmakers to backing this bill more than previous legislative efforts, the Senate’s decision to greenlight CISA occurred in the face of opposition from a few of the tech sector’s biggest names, including Apple, Google and Twitter, as well as attempts from within the chamber to rework its language up until Tuesday evening’s vote. It now heads off to a conference committee where it can try to mirror the bill passed by the House earlier this year, and there’s a chance it could be filibustered before then or even vetoed by the President. For example, a senator can put a hold on a bill for any number of reasons and while such a hold can be overcome by a 60-vote supermajority, that takes time and could result in the bill eventually becoming superseded by other legislation, such as approving the rise in the debt limit.
Advertisement
This caused the concern of privacy advocates, leading to delays in the bill’s journey through Capitol Hill.
The bill passed with an overwhelming majority of 74-21. Ron Wyden (D-Oregon), a critic of the privacy violations that he says the bill would facilitate. Jeff Flake, R-Ariz., which added a sunset clause to the law, forcing the legislature to reconsider it again in 10 years. Even if users sign privacy agreements with companies, the businesses can break those agreements and remain protected from legal recourse.
But despite the strong opening showing, the Senate is far more divided when it comes to specific provisions of the legislation, especially those concerning the exact definitions of liability and privacy protections. The fact is, it is voluntary for companies. “There is a pressing need for meaningful, effective cybersecurity legislation that balances privacy and security: this bill doesn’t do that”, he said in a statement. An amendment by Sen. Ted Cruz, R-Texas; Marco Rubio, R-Fla., and Lindsey Graham, R-S.C., each did not vote Tuesday. Pat Leahy (D-Vermont), was offered to deal with the issue of CISA’s sweeping Freedom of Information Act (FOIA) exemptions.
All that is needed for companies to hand over huge swaths of information to the government is for it to contain “cyber threat indicators” – a vague phrase that can be interpreted to mean pretty much anything.
“I do not believe [CISA] imposes a sufficiently stringent standard for the removal of irrelevant personally identifiable information”, Deputy Secretary Alejandro Mayorkas wrote in a letter to Sen. “It knocks out hundreds of state and local laws”.
The Coon’s Amendment, named after Sen.
That includes persistent bad security habits by companies, such as failing to encrypt data or continuing to use outdated, “legacy” computer systems, Jaycox said. CISA may stall, but it may also come to pass. Now, for why CISA isn’t the greatest idea is that while it’s created to try and curtail cybersecurity breaches of businesses, it’s rather open ended in what it defines as a threat.
The Franken amendment failed 35 to 60. The White House also announced its support for the bill last week, although it sees a few revisions to be made before it can be presented to the President, Reuters reported.
Advertisement
A slew of digital rights groups including Fight for the Future and the Electronic Frontier Foundation, along with whistleblower Edward Snowden and outspoken CISA opponent Sen.
