Capitol Hill privacy advocates launch effort to repeal CISA

cyberattack graphic

A bipartisan group of lawmakers introduced legislation on Jan. 13 to repeal the Cybersecurity Act of 2015, which hitched a ride on the must-pass omnibus bill that was signed into law in December.

"The Cybersecurity Act was negotiated in secret by just a few members of Congress and added quietly to the 2,009-page omnibus to avoid scrutiny," Rep. Justin Amash (R-Mich.) said in a statement. "Most representatives are probably unaware they even voted on this legislation. It’s the worst anti-privacy law since the USA PATRIOT Act, and we should repeal it as soon as possible."

Amash introduced the repeal bill along with Reps. John Conyers (D-Mich.), Zoe Lofgren (D-Calif.), Thomas Massie (R-Ky.), Ted Poe (R-Texas), and Jared Polis (D-Colo.).

While the law "includes information that directs companies to scrub information, companies are only directed to scrub personal information if they actually have affirmative evidence that the information is not relevant to a cyber threat," Polis told FCW on Jan. 14. "That's an unrealistic impossible standard because you are asking the company to prove something that doesn't exist."

The legislation increases information sharing between the government and the private sector, something that has always been controversial among privacy groups.

Polis, who sits on the Rules Committee, said the Cybersecurity Act of 2015 was "sneaked" into the omnibus along with four to five provisions that had previously passed in the House. He argued that the law's provisions would not have prevented any of the recent high-profile cyber-attacks, such as the Office of Personnel Management breach and the Sony hack. Those incidents, he said, were possible because the people in charge of managing the cyber networks failed to use best practices on cybersecurity.

And with the current components of the bill, Polis said, information would be shared with agencies such as the NSA and DHS who "time and time again" have broken privacy rules and overstepped legal authorities. "I have no reason to believe they will abide by the privacy protections of this bill either," he said.

Polis said he expects there to be support for the bill to repeal this legislation, but it may not pass as a piece of standalone legislation.

"It might take the form of appropriation amendments or other vehicles that are available for us," he predicted.

About the Author

Aisha Chowdhry is a former staff writer for FCW.


  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.