A vote in the U.S. House of Representatives on a controversial bill aimed at expanding the amount of cyberthreat information shared between private companies and the U.S. government is scheduled for Friday.
House debate on the Cyber Intelligence Sharing and Protection Act, or CISPA, is scheduled to begin Thursday, followed by a Friday vote, according to information from the House Intelligence Committee, where the bill originated.
Critics of the bill say it would trample the privacy rights of Internet users, and some Democratic lawmakers and outside groups have repeated those concerns. CISPA does not include “necessary safeguards” to protect privacy, 18 House Democrats said in a letter sent Monday to CISPA sponsors Representative Mike Rogers, a Michigan Republican, and C.A. “Dutch” Ruppersberger, a Maryland Democrat.
CISPA has “ambiguous” language about how much online activity Internet service providers and other businesses can share with each other and with government agencies, said the letter, signed by Representatives Bennie Thompson of Mississippi, John Conyers of Michigan, Jared Polis of Colorado and Zoe Lofgren of California, among others.
“Without specific limitations, CISPA would, for the first time, grant non civilian federal agencies, such as the National Security Agency, unfettered access to information about Americans’ Internet activities and allow those agencies to use that information for virtually any purpose,” the letter said.
Also on Monday, the American Library Association urged its members to oppose CISPA. The legislation would allow an “excessive amount of information” to be shared between the private sector and the government, Molly Raphael, president of the group, said in a statement. “We need balance between what our country must do for cybersecurity and the privacy values that we must protect.”
Several tech trade groups and vendors have voiced support for CISPA. On Tuesday, three trade groups — CTIA, the United States Telecom Association and the National Cable and Telecommunications Association — called on Congress to pass CISPA and three other cybersecurity bills.
“Congress can advance national cyber defense by passing these measures,” the three groups said http://chsdemocrats.house.gov/sitedocuments/cispa.pdf.
CISPA would allow private companies to share customer communications related to cyberthreats with a wide number of government agencies. The bill would allow agencies to use the shared information for a wide range of purposes, as long as there’s also a “significant” cybersecurity or national security purpose for sharing the information, critics have said.The bill exempts private companies that share cyberthreat information in “good faith” from lawsuits from customers. Critics have said that the bill supersedes all U.S. privacy laws and puts few restrictions on how government agencies can use the shared information.
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant’s e-mail address is grant_gross@idg.com.