While the U.S. House of Representatives has already adjourned for the month-long August recess, the U.S. Senate remains in session and could take up a measure to address cybersecurity information-sharing as one of its last acts before heading out of town later this week. The Senate convenes on the afternoon of August 3rd and is scheduled to take a procedural vote to defund Planned Parenthood, but if Republicans are unable to get the 60 votes needed to proceed (as is expected), Senate Majority Leader Mitch McConnell (R-KY) has indicated that the next item on the agenda will be the Cybersecurity Information Sharing Act of 2015 (“CISA”).
CISA would encourage private companies and the federal government to share information about cyber threats and data breaches. The bill, S. 754, was introduced by Senate Intelligence Committee Chairman Richard Burr (R-NC) and was reported favorably by a vote of 14-1 out of his committee back in March. Chairman Burr and Vice-Chairman Dianne Feinstein (D-CA) stress that the bill creates incentives for companies to share cybersecurity threat data, while offering them liability protection and providing strong privacy protections for consumers. “There has been misinformation about this bill, so let me be clear: the goal of the bill is for companies and the government to voluntarily share information about cybersecurity threats—not personal information—in order to better defend against attacks,” Feinstein said back in March.
Passage of the bill, however, is far from certain. Senator Ron Wyden (D-OR) has called the measure extraordinarily flawed. He argues that the legislation does not provide adequate privacy protections and is designed to encourage the collection of huge amounts of Americans’ personal information. A group of security experts and companies has also targeted the bill, maintaining that the bill does not go far enough in protecting privacy and civil liberty. The group sent a letter to President Obama last week, urging him to veto the bill should it reach his desk.
The bill is also likely to encounter delays on the Senate floor, as senators on both sides of the aisle are expected to offer numerous amendments to the committee-passed bill. Senator Chuck Schumer (D-NY) said that while Democrats are not planning to block a motion to proceed on the bill, they would seek a deal on amendments.
As we previously reported, the House passed two similar cyber information-sharing bills back in April, which were then combined and sent to the Senate. But differences remain between those bills and the version that the Senate is now considering. Even if CISA were to pass this week, it will be some time before the House and Senate are able to reconcile their respective measures and any new information-sharing legislation is signed into law.
Reporter, Lauren M. Donoghue, Washington, DC, +1 202 626 8999, ldonoghue@kslaw.com.
