The House passed the Cyber Intelligence Sharing and Protection Act (CISPA) Thursday night, despite some controversy over how the bill addresses privacy and a threat of a veto from the White House.
The measure, designed to make it easier for the federal government and private sector to share cyber threat data with each other, was approved by a 248-168 vote.
Its supporters and opponents were quick to issue statements following passage of the bill, which now moves to the Senate.
The Obama administration had issued a veto threat against CISPA earlier this week. The White House has previously endorsed a bill from Sens. Joseph Lieberman (I-Conn.) and Susan Collins (R-Maine), which would put cybersecurity oversight and private sector coordination in the hands of the Department of Homeland Security.
Some business interests have opposed this proposal, saying it would add unnecessarily regulation. Business groups hailed the CISPA’s passage, saying that it will make it much easier for the private sector to share possible cyber threat information without additional regulatory burden.
Robert Holleyman, president and chief executive of the Business Software Alliance, said in a statement that the act is, “critical because it unties the hands of companies on the front lines of the digital economy.”
Other business leaders urged the Senate to pass the bill quickly. “We strongly urge the Senate to swiftly take up this issue because the United States cannot afford to wait to improve our nation’s cybersecurity posture,” said TechAmerica President and chief executive Shawn Osborne. “Standing pat will only further risk our national security.”
Privacy advocates, however, remained concerned that the measure will violate basic civil liberties.
The Center for Democracy and Technology, which withdrew its support for the bill on Wednesday, said it was “disappointed that CISPA passed the House in such flawed form and under such a flawed process.” While the group was pleased with some of the amendments, which tried to narrow the scope and language of the bill, the group is still concerned that CISPA allows information to move “from the private sector directly to the NSA.” They also said that the bill inappropriately allows for data to be applied to national security issues other than cybersecurity.
In a statement, the American Civil Liberties Union said that it is concerned. “CISPA goes too far for little reason,” said Michelle Richardson, ACLU legislative counsel. “Cybersecurity does not have to mean abdication of Americans’ online privacy. As we’ve seen repeatedly, once the government gets expansive national security authorities, there’s no going back. We encourage the Senate to let this horrible bill fade into obscurity.”
Shortly after the the House passed CISPA, it also unanimously approved another cybersecurity measure: amendments to the Federal Information Security Management Act (FISMA) proposed by Rep. Darrell Issa (R-Calif.), which address security on the government federal computer systems.