Massive Year-End Spending Bill Includes Cybersecurity Act

A massive year-end spending measure moving through Congress includes a provision that will encourage companies to share cyber threat information with the government while providing them with liability protections for not acting on information received.

The measure, a culmination of several years of effort to pass a cyber bill, brings together three different versions that passed the House and Senate earlier this year with hefty bipartisan support. It was released early Wednesday morning.

The Cybersecurity Act of 2015 largely hews to the Senate version of the bill, which passed despite concerns about privacy and transparency from some senators and technology companies, such as Apple and Yelp.

But there are some changes.

The bill allows the president to designate an agency other than the civilian Homeland Security Department to act as a portal for sharing cyber threats with the government only if DHS cannot and it is necessary. However, the Defense Department, including its National Security Agency, is specifically excluded from becoming an alternate portal.

Rep. Adam Schiff, D-Calif., the ranking member of the House Intelligence Committee, urged lawmakers to support the bill and said it was a major improvement over what was put forward last session, which he said lacked privacy protections.

"The bill is very protective of privacy while also doing a lot to help companies protect themselves from cyberattack," Schiff said. "We have to measure this against the daily invasion of our privacy by these hackers. Those who believe that perfect should be the enemy of the good, have to justify how they're willing to accept rampant hacking into our privacy and do nothing about it."

The bill's liability protections are meant to incentivize data sharing with the government, and offset a major reason why prior bills have failed to pass. Supporters of the cyber sharing bill say it's necessary to raise the cost to...

Comments are closed.