After much debate and protest, the long-delayed Cybersecurity Information Sharing Act (CISA) finally arrived to the U.S. Senate on Tuesday (Oct. 20).
The controversial cybersecurity bill intends to make it easier for corporations and the federal government to defend against data theft through the sharing of information, which has drawn a strong objection from those with concerns about the bill’s lack of adequate privacy protections.
If enshrined into law, the bill will offer expanded legal liability protections to companies sharing data in the hopes that American businesses will be less hesitant in the future to share information about security breaches with each other and government agencies as soon as possible.
CISA opponents have remained vocal about the consequences of requiring companies to share their data with the NSA, mainly in the form of a loss of civil liberties.
Senate Republican Majority Leader Mitch McConnell said the bill could be passed by the Senate within days, Reuters reported Tuesday (Oct. 20).
"We intend to pass the cybersecurity bill," McConnell told reporters, "hopefully by early next week."
Earlier this week, Senate Select Committee on Intelligence (SSCI) Chairman Richard Burr and Vice Chairman Dianne Feinstein released a fact sheet on CISA, citing that the bill is designed to protect personal privacy by creating an environment where cybersecurity information can be shared to give all participants a greater understanding of growing cyber threats.
While many industry and business groups, as well as both Republican and Democrat leaders, have rallied behind CISA, the bill’s opponents have not backed down about the consequences that may come from passing the bill into law.
On Thursday (Oct. 15) the Computer & Communications Industry Association (CCIA), which represents a group of major telecom and eCommerce companies, voiced that it was “unable to support” the current version of CISA.
“CISA’s prescribed mechanism for sharing of cyber threat information does not sufficiently protect users’ privacy or appropriately limit the permissible uses of information shared with the government,” Bijan Madhani wrote in a CCIA blog post. “In addition, the bill authorizes entities to employ network defense measures that might cause collateral harm to the systems of innocent third parties.”
CCIA’s members include Silicon Valley mainstays such as Facebook, Google and Yahoo, as well as telecom companies like Sprint and T-Mobile, eCommerce giants Amazon and eBay, and Netflix and Microsoft, The Hill reported last week.
“Members of Congress should pay attention: Nobody wants this bill,” Evan Greer, campaign director for digital rights group Fight for the Future, told The Hill after the CCIA announcement Thursday (Oct. 15). “Not the public, not security experts and not even the industry it’s supposed to protect,” Greer added.
Reuters confirmed that Senators have submitted more than 20 amendments to the bill to date, adding that any version of CISA that is passed through the Senate will have to be reconciled with the House before being signed into law by President Barack Obama.
For more on the digital identity ecosystem, click here to take a look at our Identity Tracker, which helps identify the issues and trends that arise around the digital identity ecosystem.
To check out what else is HOT in the world of payments, click here.