CISPA would allow private companies such as Internet service providers to share customer communications related to cyberthreats with a wide number of government agencies. The bill would allow agencies to use the shared information for a wide range of purposes, as long as there's also a "significant" cybersecurity or national security purpose for sharing the information, critics have said.
The bill exempts private companies that share cyberthreat information in "good faith" from lawsuits from customers.
Critics, including the Center for Democracy and Technology and the American Civil Liberties Union, said the bill supersedes all U.S. privacy laws and puts few restrictions on how government agencies can use the shared information.
CDT remains in talks with Rogers and Ruppersberger, but the group still has privacy concerns, said spokesman Brock Meeks. The House Intelligence Committee, where Rogers is chairman, "continues to remain open to receiving suggestions and, from our own discussions with them, are taking these meeting seriously," he said.
On Wednesday, the House Homeland Security Committee passed an alternative cyberthreat information-sharing bill, the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act, or PRECISE Act. CDT and the ACLU have said the PRECISE Act, sponsored by Representative Dan Lungren, a California Republican, raises fewer privacy and civil liberties concerns than CISPA does.
However, Homeland Security Committee Democrats, said a new, amended version of the PRECISE Act contained significant changes from the past version.
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is firstname.lastname@example.org.