Skip to main content

Cybersecurity Bill Approved in Senate Intelligence

In a closed markup session Tuesday (June 8), the Senate Intelligence Committee approved 12-3 an amended version of the Cybersecurity Information Sharing Act, according to Committee Chairman Diannne Feinstein (D-Calif.).

The bill will allow ISPs and other telecoms to share information while protecting them from liability.

Feinstein and vice chairman Saxby Chambliss (R-Ga.) co-authored the bill.

The legislation authorizes voluntary sharing of cyberthreat information between companies and with the government, with the stipulation that companies have to take "appropriate measures" to protect against sharing personally identifiable information. It includes liability protections for companies and individuals who do share information.

The Department of Homeland Security will oversee a "portal" through which cyber informatoin will be shared with other federal entities. Government use of that information is limited to cyber threats and cannot include "inappropriate investigations or regulation."

The collection will be subject to review by relevant Inspector Generals and the Privacy and Civil Liberties Oversight Board.

A number of amendments were added at the markup:

•"An amendment allowing cyber threat information obtained under the bill to be used for the protection of minors.

•"An amendment requiring that the attorney general procedures in the bill conform to the 'Fair Information Practice Principles,' as included in the president’s 2011 cyber strategy.

•"An amendment amending a provision in the fiscal year 2013 defense authorization bill to allow the Department of Defense to share cyber threat information it receives from defense contractors.

•"An amendment requiring that the attorney general determine a specific limitation on how long cyber information can be retained.

•"An amendment including the national laboratories among agencies to be consulted by the director of national intelligence as he develops procedures for sharing government information with the private sector.

•"An amendment requiring a report from the director of national intelligence on cyber intelligence cooperation."