UPDATE: The amendment no longer contains pro-privacy language. The language requiring companies to share information only with the DHS was removed before being added to the bill. More on that here.
Original story continues below:
It seemed that CISPA couldn’t get any worse, but its sponsors proved that it could during a rules hearing yesterday. All the of the pro-privacy amendments being proposed were unceremoniously blocked without much of a debate. Now the bill’s sponsors have backtracked by finally supporting a good amendment.
The Hill reports that Rep. Mike McCaul offered up an amendment to CISPA today that has the full backing of CISPA sponsors Reps. Mike Rogers and Dutch Ruppersberger. The amendment would ensure that all cyberthreat information being submitted to the government would first go through an entity created by the Departments of Justice and Homeland Security, both of which are civilian agencies. The amendment was approved in a 227-192 vote.
In the words of Ruppersberger, “This is a huge concession.” Why? The original text of CISPA allowed companies to share cyberthreat information with any governmental agency, including military agencies like the NSA. Privacy advocates demanded that all identifiable information go through a civilian agency first to reduce the chance of abuse.
So, why did Rogers and Ruppersberger back this amendment when they were adamant about not backing any pro-privacy amendments yesterday? It seems that the veto threat from the White House spooked them into backing more pro-privacy amendments in a bid to get Obama’s signature.
“Rogers and I are just trying to deal with the issue of the White House concerns, realizing that if we pass a bill here and it doesn’t pass the Senate and the president doesn’t sign it, we have no bill,” Ruppersberger said. “This threat is so severe, the cyber threat, that we have to do something.”
The amendment is a great first step, but it doesn’t address all the issues that the White House and privacy advocates have with the bill. CISPA in its current state, even with this new amendment, does not address the issue of private information being removed only after it’s already in the government’s hands. The bill also doesn’t remove the provision that grants total immunity to companies that break the law when handing your information over to the government.
CISPA is on track for a full vote on the House floor tomorrow. We’ll be sure to bring you the final vote at that time.