“What we came up with, we think, is the right approach. It is the one bill out of everything you’ve seen on both sides of this great institution of the United States Congress that protects a free and open Internet and allows people to share cyber threat information to protect their clients, their business, their [personally identifiable information],” Rogers told reporters following the markup. “It’s been a work in progress.”
Reps. Adam Schiff (D-Calif.) and Jan Schakowsky (D-Ill.) both voted against the bill during the markup after the committee did not agree to their amendments, or language similar to them, offered by the two legislators. Both voted against the bill today.
Schiff and Schakowsky proposed an amendment that would have required companies to take reasonable efforts to remove personally identifiable information from threat data before sharing it with the government.
The committee also rejected Schakowsky’s three proposed changes. One of her amendments would have exempted certain agencies, such as the Department of Defense and the National Security Agency, from directly receiving cyber threat data from private companies. Another amendment would have allowed consumers the ability to hold companies liable for misusing their private information.
“Through hard work and compromise, we have produced a balanced bill that provides strong protections for privacy and civil liberties, while enabling effective cyber-threat sharing. The decisiveness of the vote shows the tremendous bipartisan support for this bill,” Rogers said in a statement after the markup.
CISPA has generated criticism from privacy groups and civil rights unions over the bill’s individual data and privacy protection stipulations.
An online petition created in February to stop CISPA reached 109,000 signatures last month – over the threshold of 100,000 required to receive a response from the White House.
Even with the recent modifications, many of CISPA’s critics remain unconvinced, opposing any bill that would give the government too much control over the Internet.
“The changes to the bill don’t address the major privacy problems we have been raising about CISPA for almost a year and a half,” wrote Michelle Richardson, American Civil Liberties Union’s legislative counsel, in a statement last Thursday.
The Electronic Frontier Foundation (EFF), which has lobbied vigorously against the bill, said that the amendments do not fix the main problems with the bill. EFF said that the bill still lets companies share data freely, and the broad legal immunity leaves users with almost no “privacy protections or recourse if a company improperly shares their data.”
The White issued a statement last week indicating that it is not likely to support the House bill in its current form.
“We believe the adopted committee amendments reflect a good-faith effort to incorporate some of the Administration’s important substantive concerns, but we do not believe these changes have addressed some outstanding fundamental priorities,” said Caitlin Hayden, a National Council spokeswoman.
An amendment that would ensure that the Homeland Security Department is the first recipient of cyber threat data from companies circulated among its sponsors on Tuesday, potentially satisfying one of the top concerns of privacy advocates.