CISPA passes US House under veto threat

“The Administration recognizes and appreciates that the House Permanent Select Committee on Intelligence (HPSCI) adopted several amendments to [CISPA] in an effort to incorporate the Administration’s important substantive concerns,” the White House said in a statement. “However, the Administration still seeks additional improvements and if the bill, as currently crafted, were presented to the President, his senior advisors would recommend that he veto the bill.”

The bill has been highly controversial with consumer groups and Internet advocacy groups as well. The Electronic Frontier Foundation (EFF) was quick to condemn the result, characterizing it as a bill that “would allow companies to bypass all existing privacy law to spy on communications and pass sensitive user data to the government.”

"CISPA is a poorly drafted bill that would provide a gaping exception to bedrock privacy law,” EFF senior staff attorney Kurt Opsahl said in the statement. “While we all agree that our nation needs to address pressing internet security issues, this bill sacrifices online privacy while failing to take common-sense steps to improve security."

Last year, a version of CISPA died in the Senate amid Administration opposition after passing the House in a near-identical conversation. But it was reintroduced in the House by Intelligence Committee Chairman Mike Rogers (R-Mich.) and ranking member Rep. Dutch Ruppersberger (D-Md.) earlier in 2013. It is primarily an information-sharing initiative, which would make it easier for private corporations and government entities to share information on threats, attacks and remedies in order to shore up defenses. However, at issue is the scope of the roles that the Department of Homeland Security and other government agencies would have, and how personal information will be used and protected.

The House bill as originally written would offer broad protection from lawsuits to companies that give over user data to the Department of Homeland Security, which in turn would share it with intelligence agencies on a need-to-know basis. In addition, it gives legal immunity to corporations should the information they turn over to the government be harmful to individuals. The House Intelligence Committee did amend the bill with a few stronger privacy provisions but, as the White House noted, it still doesn’t pass muster with President Obama – yet.

It’s possible that the Senate could tweak the bill enough to satisfy all parties, but it should be noted that, according to the Sunlight Foundation, pro-CISPA lobbying groups spent 140 times as much lobbying Congress as those on the other side of the debate.

Sunlight's review of lobbying disclosures from the last session of Congress shows that CISPA backers had $605 million in lobbying expenditures from 2011 through the third quarter of last year, compared to $4.3 million spent by opponents of the bill.

“While it's impossible to say how many of those dollars were devoted to trying to influence votes on the CISPA bill (many of those entities have multiple interests before Congress), it provides some measure of the lopsidedness of the resources available to each side,” the group said.

CISPA does have its supporters, however, outside of Congress. Facebook, for example, signed on its support for the legislation last year.

What’s Hot on Infosecurity Magazine?