The House on Thursday passed controversial legislation that would allow businesses to share data with each other and the federal government for cybersecurity purposes.
Lawmakers voted 288-127 in favor of the Cyber Intelligence Sharing and Protection Act despite a veto threat from the White House and opposition from civil liberties groups and privacy advocates.
The bill’s sponsor, Rep. Mike Rogers (R-Mich.), said in a statement on Thursday: “I am very proud that so many of my colleagues were able to look past the distortions and fear mongering about this bill, and see it for what it really is – a very narrow and focused authority to share cybersecurity threat information to keep America safe.”
Ninety-two Democrats supported the measure, compared to 42 who backed similar legislation last year. The Senate didn’t take up the issue in 2012, so the bill that year stalled after passing through the House.
Proponents of the 2013 measure say allowing businesses and the government to share information about cyber attacks will help them defend against sophisticated attacks from hackers. Rep. Mike Rogers (R-Mich.) and Rep. Charles Ruppersberger (D-Md.) co-sponsored the legislation.
Critics contend that the bill undermines privacy protections. “This bill will allow companies that hold very sensitive and personal information to liberally share it with the government, including with military agencies,” said a group of 34 civil liberties organizations in a joint letter to Congress.
The legislation would require the Intelligence Community Inspector General to produce an annual review of the government’s use of shared information. It would not compel companies to share cyber threat information with the government, according to a summary of the bill.
Critics have also said the bill goes too far in absolving businesses of legal liability when they are hacked. The legislation would grant immunity to private organizations when they are attacked, as long as they made good-faith efforts to protect their networks.
Opponents have petitioned the White House to block the cybersecurity measure. They had gathered more than 111,000 signatures by Thursday night.
President Obama this week threatening to veto the legislation unless lawmakers added greater protections for privacy and civil liberties.
“Citizens have a right to know that corporations will be held accountable – and not granted immunity – for failing to safeguard personal information adequately,” Obama said in a statement of administration policy.
In February, the president issued an executive order calling on the National Institute of Standards and Technology to develop a framework for companies and the government to share information about cyberattacks.
A long list of large technology companies have pushed for the cybersecurity bill, citing concerns about growing threats from hackers. In the past year, businesses, newspapers and the government have become victims of cyberattacks.
A report from the Sunlight Foundation shows that supporters of the measure spent $605 million on lobbying from 2011 through the third quarter of 2012, compared to $4.3 million by opponents over the same period.
The bill would allow individuals to sue the federal government if it uses private information in ways not outlined in the legislation.
E-mail firstname.lastname@example.org with news tips and other suggestions.