The Cyber Information Security Act (CISA) has passed through the Senate Select Committee on Tuesday by a vote of 12-3, pushing the bill one step further to reaching the Senate floor.
CISA is the latest reincarnation of internet-security based bills to be voted on by the government. Last year, a similar bill called the Cyber Information Sharing and Protection Act (CISPA) passed the House, but was met with controversy over what opponents of the bill called a lack of privacy protections.
“The Cybersecurity Information Sharing Act (CISA),” reports Julian Hattem from the Hill, “makes it possible for companies and government agencies to share information about possible hackers and security weaknesses with each other, which advocates say is critical to make sure that blind spots aren’t left untended for long.”
Senate Intelligence Chairwoman Dianne Feinstein (D-CA), one of the people responsible for the creation of CISA, argues the bill would allow businesses and government agencies to more easily exchange information with regards to cyber-attacks.
Feinstein said, according to VPN Creative, “Every week, we hear about the theft of personal information from retailers and trade secrets from innovative businesses, as well as ongoing efforts by foreign nations to hack government networks…this bill is an important step toward curbing these dangerous cyberattacks.”
Opponents to this bill and similar bills have used the Edward Snowden leaks as evidence of the government and NSA abusing cybersecurity flaws in the name of national security.
Senators Ron Wyden (D-OR) and Mark Udall (D-CO) both voted against the bill, saying in a joint-statement, they agree cyber-attacks are a serious threat to American infrastructure, but they have also seen “how the federal government has exploited loopholes to collect Americans’ private information in the name of security.”
The Center for Democracy and Technology also found faults with the bill, saying on the groups website, the bill fails to recognize and address “recently-disclosed cybersecurity-related conduct of the National Security Agency (NSA), some of which undermines cybersecurity.” The CDF also says the bill would allow law enforcement agencies to wiretap individuals in the name of cybersecurity.
The bill will be heard next by the whole Senate and will be voted on in the coming months.