The House Permanent Select Committee on Intelligence (HPSCI) passed a cyber security information sharing bill out of committee on Thursday, two days after the Republican and Democratic leaders introduced it.
The bill was adopted by a voice vote with no members voting against it. A manager’s amendment making technical changes to the bill language was adopted by a voice vote after discussions among committee members, committee staff, privacy groups, industry representatives, administration officials, other committees of jurisdiction, and other stakeholders.
The Protecting Cyber Networks Act, now H.R. 1560, would provide limited liability protections to the private sector, a provision shared in other bills introduced in the 114th Congress. The measure is seen as a key ingredient to getting companies and private organizations to more routinely disclose network breaches. It would also prohibit the government from forcing private entities to provide information to the government while requiring the companies that share cyber threat indicators with the government to remove personal information.
“This bill will help defend U.S. networks against a wide array of cybercriminals who are becoming more active and more threatening every day. It’s a bipartisan approach with strong privacy protections that will have a deep impact on this growing problem. In light of the urgency of the situation, I encourage House members to support this bill,” Chairman Devin Nunes (R-Calif.) said in a statement.
“Today’s markup of our bipartisan bill has made a good bill even better. The bill that passed unanimously out of Committee helps pave the way for the expeditious passage of cyber information sharing legislation that can help turn the tide against hackers, cyber criminals and malicious state actors, while safeguarding privacy and civil liberties at every step of the way,” Rep. Adam Schiff (D-Calif.), the ranking member on the committee, said.
“Chairman Nunes, our colleagues on the Committee, and I have worked with the full range of stakeholders–from the privacy community, industry, the Administration, other House Committees and the Senate–to produce a bill that can secure the American people and protect their privacy, and we are optimistic about its prospects for passage.”
Two weeks ago, the Senate Intelligence Committee approved a similar bill, the Cybersecurity Information Sharing Act of 2015, 14-1 in a closed committee markup (Defense Daily, March 12).
Sen. Ron Wyden (D-Ore.) was the only no vote, citing inadequate privacy protection in the bill.
Another cyber information sharing bill proceeded through a subcommittee markup on Wednesday. A draft of The Data Security and Breach Notification Act passed by a voice vote in the House Energy and Commerce Committee’s Subcommittee on Commerce, Manufacturing, and Trade.
“Finding a workable bipartisan compromise that can become law has been elusive. But I believe that by focusing on how the criminals make their money we can work together to broker a solution for the millions of Americans impacted by identity theft and financial fraud. Perfect cannot be the enemy of the good. And we must ensure that there are meaningful consumer protections in this draft,” Michael Burgess (R-Texas), chairman of the subcommittee, said during the markup.