CISPA moves forward, but rejected amendments frustrate privacy advocates

Share this article:
CISPA moves forward, but rejected amendments frustrate privacy advocates
CISPA moves forward, but rejected amendments frustrate privacy advocates

Several privacy-bolstering amendments were left out of a contentious information-sharing bill that was approved Wednesday by the U.S. House Intelligence Committee.

The proposed Cyber Intelligence Sharing and Protection Act (CISPA), which supporters say will help the private sector share information about cyber threats with the government without fear of legal consequences, was revived earlier this year by Reps. Mike Rogers, R-Mich., and Dutch Ruppersberger, D-Md., after being approved by the House last April. It was never taken up by the Senate.

Six amendments were approved and four were rejected in the new, marked-up version of CISPA. The approved amendments include one that calls on the law to "reasonably limit the receipt, retention, use, and disclosure of cyber threat information associated with specific persons that is not necessary to protect systems or networks from cyber threats or mitigate cyber threats in a timely manner."

But critics believe the law in its current form doesn't go far enough to defend users' privacy.

Among the rejected suggestions for CISPA were three amendments offered by Rep. Jan Schakowsky, D-Ill., one of which would have exempted the Department of Defense, the National Security Agency, and all military branches from directly receiving cyber threat intelligence data from private companies.

Another failed amendment from the congresswoman would have given consumers the ability to legally hold companies accountable for misusing their private information. And Schakowsky also wanted the president to select an officer who would establish policies and procedures on the government's “retention, use and disclosure” of shared data.  

Rep. Adam Schiff, D-Calif., also proposed an amendment that was shot down. He wanted companies to “make reasonable efforts” to remove any PII before it was shared with the government. While an amendment was passed to minimize the amount of PII stored and used by the government under CISPA, Schiff's more inclusive suggestion was voted against.

On Thursday, Michelle Richardson, a legislative counsel with the American Civil Liberties Union (ACLU), told SCMagazine.com that from a privacy standpoint, the rejected Schiff amendment was “one of the most important.”

“They [should] strip out the PII when that's possible – when it's not directly necessary to understand the threat, so that companies don't get lazy and over share,” Richardson said." 

Page 1 of 2
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Adobe exploit used to spread Dyre credential stealer

Adobe exploit used to spread Dyre credential stealer

Users running vulnerable Adobe software could be in danger of having credentials for Bitcoin websites stolen.

Staples is investigating a potential issue involving credit card data

Staples is investigating a potential issue involving credit ...

The company said it is investigating a potential issue involving credit card data and that customers are not responsible for fraudulent activity on cards if an issue is discovered.

Skills set a priority over legacy prejudices, experts say

Skills set a priority over legacy prejudices, experts ...

Cybersecurity expert Winn Schwartau and Robert Clark, a cyber law attorney at the Army Cyber Institute, discussed issues around hiring in the information security industry.