The Hill

House Intel leaders tweak CISPA to improve chances

keyhole digital

The leaders of the House Intelligence Committee plan to amend a cybersecurity bill to make it more palatable to privacy groups and improve chances of a friendly reception from President Obama.

The Cyber Intelligence Sharing and Protection Act (CISPA) is being marked up in closed session on April 10. On an April 8 conference call with reporters and bloggers, panel chairman Rep. Mike Rogers (R-Mich.) and ranking member Rep. Dutch Ruppersberger (D-Md.) described a slate of amendments they plan to support.

The amendments include new restrictions on the way information on potential threats from private companies can be used by law enforcement. Language that would allow the government to use information on threats “for national security purposes” is coming out. Additionally, government agencies that receive such information would be required to remove personal data that could identify individual users. And private companies that receive information from government sources on potential threats would be prohibited for using the information for marketing purposes.

Opponents of the bill remain concerned that information from private companies will be shared with the National Security Agency. Rogers tried to deflect this criticism saying, “It’s clear when you read the bill this is not a surveillance bill.... It just is not. It does not allow the NSA, or any government agency, to plug in to domestic networks and listen in. That does not happen."

Ruppersberger said the Obama administration "is still not behind our bill, but we are working with them and with the privacy groups."

The text of the proposed amendments has not yet been made public, but privacy activists remain cool to the measure despite the promised changes. “While some of the amendments described today could be helpful, civilian control is the elephant in the room that CISPA co-sponsors refuse to address,” said Gregory Nojeim at the Center for Democracy and Technology.

Michelle Richardson, who tracks cybersecurity for the American Civil Liberties Union, wrote in an op-ed for Politico, “CISPA needs to be amended to clarify that civilians are in charge of information collection for cybersecurity purposes, period. Anything short of that is a fundamental failure.”

CISPA was passed by the House of Representatives in 2012, but went nowhere in the Senate, which was working on its own comprehensive cybersecurity bill that included stiffer restrictions on information sharing and liability for companies whose data is compromised in attacks.

White House cybersecurity coordinator Michael Daniel said in a February speech that the administration backed “targeted liability protections,” for companies that share information. The administration also seeks privacy protections and oversight of agencies that use information on cyber threats.

The momentum appears to have shifted in the direction of a deal on cybersecurity, thanks to recent publicity about ongoing threats to U.S. networks from China, as detailed in a February report from security firm Mandiant, which alleged that groups backed by China’s armed forces are targeting American firms.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


  • Workforce
    White House rainbow light shutterstock ID : 1130423963 By zhephotography

    White House rolls out DEIA strategy

    On Tuesday, the Biden administration issued agencies a roadmap to guide their efforts to develop strategic plans for diversity, equity, inclusion and accessibility (DEIA), as required under a as required under a June executive order.

  • Defense
    software (whiteMocca/

    Why DOD is so bad at buying software

    The Defense Department wants to acquire emerging technology faster and more efficiently. But will its latest attempts to streamline its processes be enough?

Stay Connected