Capitol Hill privacy advocates launch effort to repeal CISA

cyberattack graphic

A bipartisan group of lawmakers introduced legislation on Jan. 13 to repeal the Cybersecurity Act of 2015, which hitched a ride on the must-pass omnibus bill that was signed into law in December.

"The Cybersecurity Act was negotiated in secret by just a few members of Congress and added quietly to the 2,009-page omnibus to avoid scrutiny," Rep. Justin Amash (R-Mich.) said in a statement. "Most representatives are probably unaware they even voted on this legislation. It’s the worst anti-privacy law since the USA PATRIOT Act, and we should repeal it as soon as possible."

Amash introduced the repeal bill along with Reps. John Conyers (D-Mich.), Zoe Lofgren (D-Calif.), Thomas Massie (R-Ky.), Ted Poe (R-Texas), and Jared Polis (D-Colo.).

While the law "includes information that directs companies to scrub information, companies are only directed to scrub personal information if they actually have affirmative evidence that the information is not relevant to a cyber threat," Polis told FCW on Jan. 14. "That's an unrealistic impossible standard because you are asking the company to prove something that doesn't exist."

The legislation increases information sharing between the government and the private sector, something that has always been controversial among privacy groups.

Polis, who sits on the Rules Committee, said the Cybersecurity Act of 2015 was "sneaked" into the omnibus along with four to five provisions that had previously passed in the House. He argued that the law's provisions would not have prevented any of the recent high-profile cyber-attacks, such as the Office of Personnel Management breach and the Sony hack. Those incidents, he said, were possible because the people in charge of managing the cyber networks failed to use best practices on cybersecurity.

And with the current components of the bill, Polis said, information would be shared with agencies such as the NSA and DHS who "time and time again" have broken privacy rules and overstepped legal authorities. "I have no reason to believe they will abide by the privacy protections of this bill either," he said.

Polis said he expects there to be support for the bill to repeal this legislation, but it may not pass as a piece of standalone legislation.

"It might take the form of appropriation amendments or other vehicles that are available for us," he predicted.

About the Author

Aisha Chowdhry is a former staff writer for FCW.


  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.