US House Of Representatives Passes CISPA Cybersecurity Bill

The US House of Representatives has voted 248 to 168 in favour of cybersecurity measures laid out in the controversial Cyber Intelligence Sharing and Protection Act (CISPA).

The bill, which was introduced by the head of the House Intelligence Committee Mike Rogers, allows federal government agencies to share information with private sector companies to defend against impending hacking attempts and data thefts. In return, companies could voluntarily submit sensitive data relating to what they identify as a cyber threat, gaining immunity to any ensuing lawsuits.

Threat to privacy?

Concern over cybersecurity in the US has been raised repeatedly over recent years as several government agencies and companies have come under online attack from hacktivists and other nations.

“We can’t stand by and do nothing as US companies are haemorrhaging from the cyber looting coming from nation states like China and Russia,” said Rogers in an emailed statement to Bloomberg. “America will be a little safer and our economy better protected from foreign cyber predators with this legislation.”

In theory, the bill will give companies time and important data to respond to attacks, helping to explain CISPA’s support from many high profile organisations including include the US Chamber of Commerce, Microsoft, Facebook, Oracle and Boeing.

However, critics of the bill have argued that it will permit companies to invade consumers’ privacy without repercussions and give US agencies untold amounts of sensitive information.

“The bills are written broadly and deliberately to permit Internet backbone providers, ISPs, carriers, and online service providers like Google, Facebook, Twitter to intercept your emails and text messages, and possibly even modify or block those communications,” the Electronic Frontier Foundation wrote of the bill.

“A company acting ‘for cybersecurity purposes’ would be able to bypass all existing statutory safeguards and pass ‘cybersecurity threat’ information to the government with no judicial oversight. They would be immune from both civil and criminal liability for any action, including but not limited to violating a user’s privacy, as long as they did not ‘knowingly’ and ‘intentionally’ violate your privacy.”

CISPA’s lack of appropriate safeguards and anonymisation of personal data raised opposition from the White House earlier this week, issuing a veto threat should the bill pass through Senate as well.

A statement said that the bill would allow “broad sharing of information with governmental entities without establishing requirements for both industry and the government to minimize and protect personally identifiable information”.

The White House came out in support of a separate cybersecurity bill from Senator Joseph Lieberman, which would see the Department of Homeland Security take charge of cybersecurity measures for the vital US infrastructure, including the electric grid and transportation networks.

CISPA is widely considered by its critics to be a sequel to the Stop Online Piracy Act (SOPA), which was defeated in January, because both have potential privacy implications. However,  SOPA was designed to protect copyright owners against piracy, while CISPA is intended as a remedy to cyber attacks.

Do you know about securit? Try our quiz