Share

Related Stories

  • Reddit, Craigslist join 'week of action' against CISPA
    A coalition of internet advocacy organizations and web companies (including Craigslist and Reddit) are launching what they’re calling “a week of action” to combat the Cyber Intelligence Sharing and Protection Act (CISPA).
  • House, Obama Administration nearing an agreement on CISPA
    US House of Representatives Intelligence Committee Chairman Mike Rogers (R-Mich.) said that his committee’s negotiations with the White House on a new cybersecurity bill have resumed, with a draft for markup on target to appear in April.
  • ACLU: Obama's cybersecurity executive order is privacy-friendly
    President Obama has signed an executive order to protect US critical infrastructure from cyberattacks by improving cybersecurity information sharing between the government and owners/operators of the nation’s critical infrastructure. Meanwhile, the US House of Representatives is reintroducing the Cyber Intelligence Sharing and Protection Act (CISPA), which passed the House during the last Congress but failed to gain traction in the Senate. According to the ACLU, when it comes to privacy, one of these things is not like the other.
  • Presidential cybersecurity executive order expected Wednesday
    President Obama is expected to issue an executive order to replace last year’s failed CISPA on Wednesday – the same day that Rogers and Ruppersberger have said they will re-introduce the original CISPA.
  • CISPA to return this Wednesday
    On Friday, House Intelligence Committee Chairman Mike Rogers (R-Mich) and ranking member Rep Dutch Ruppersberger (D-Md) announced their intention to re-introduce the Cyber Intelligence Sharing and Protection Act (CISPA) on Wednesday, 13 February.

Top 5 Stories

News

House plans CISPA privacy safeguard amendments

09 April 2013

The US House Intelligence Committee is planning to amend the Cyber Intelligence Sharing and Protection Act (CISPA), in order to add more privacy safeguards and win broad support for the measure, including from President Obama.

No fewer than five amendments to the bill will be spearheaded by Committee Chairman Mike Rogers (R-Mich.) and C.A. “Dutch” Ruppersberger (D- Md.). These include ensuring that any cybersecurity information gathered by companies can be used for threat mitigation and protection measures, not for marketing. And, most notably, firms’ legal immunity is being minimized.

Whereas the bill as written gives corporations protection from lawsuits should the information they turn over to the government be harmful to individuals, the amended measure would deny that legal protection should they use cyber threat information to hack each other. There will also be an oversight component, with the creation of new roles for the government’s privacy and civil liberties board and federal privacy officers to review how any gathered information is used and shared.

“The improvements that we plan to make to the bill at the markup will address several of the administration’s concerns,” Rogers told reporters. “And we plan to keep talking and moving toward a consensus that will allow us to get the bill signed into law.”

The Intelligence Committee will vote on the amendments on April 10.

The Committee is hopeful that it will get an iteration of the bill passed, and soon. Obama threatened to veto the bill last year partly over privacy concerns, but CISPA was recently reintroduced in the House of Representatives by Rogers and Ruppersberger. Obama also passed an executive order earlier in the year mandating more information sharing between the private and public sectors.

CISPA calls for more information sharing between the private and public sectors, and offers legal protections for companies delivering personal information about customers to defense entities for the purpose of preventing or mitigating attacks on critical infrastructure. The details as to the extent of that personal information and the exact role of the government entities involved, like the Department of Homeland Security, have been called into question.

This article is featured in:
Compliance and Policy  •  Industry News  •  Internet and Network Security  •  Malware and Hardware Security  •  Public Sector

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×