The chairman of the House Intelligence Committee defended his proposed legislation aimed at improving cybersecurity as civil liberties groups planned an Internet protest against the measure.
The Cyber Intelligence Sharing and Protection Act, known as CISPA, would encourage companies to share information on threats with each other and the federal government through incentives such as protection from lawsuits over data exchanges.
Civil liberties groups criticize the bill, introduced by House Intelligence Committee Chairman Mike Rogers, a Michigan Republican, saying it would erode online privacy by letting companies give personal information on users to the government without penalty.
“The bill only permits information directly pertaining to threats and vulnerabilities to be identified and shared for the purpose of protecting systems and networks,” Rogers said in a conference call with reporters today. “‘It’s very limited.”
The bill, approved by Rogers’ committee 17-1 in December, has more than 100 co-sponsors from both parties, including the panel’s senior Democrat, Representative C.A. “Dutch” Ruppersberger of Maryland.
Groups including the Center for Democracy & Technology, American Civil Liberties Union and the Electronic Frontier Foundation are planning a Web-based protest over the legislation next week.
Rogers’ comments are designed to blunt the concerns of civil liberties groups “so the Internet doesn’t rise up and destroy this legislation like we killed SOPA,” the Stop Online Piracy Act, Rainey Reitman, activism director for San Francisco- based EFF, said in an interview. SOPA was one of two pieces of anti-piracy legislation shelved this year after Google Inc. (GOOG), Wikipedia and other websites led an Internet protest that eroded congressional support.
The Rogers bill is one of the central pieces of cybersecurity legislation being considered by Congress as lawmakers debate how to combat hackers, computer viruses and cyber espionage. The bill may be brought to the House floor within two weeks.
Groups taking part in the Internet protest plan to conduct a social-media campaign and encourage people to contact their representatives, Greg Nojeim, senior counsel for the Washington- based Center for Democracy & Technology, said in an interview.
‘Drive a Bulldozer’
The Rogers bill “would drive a bulldozer through privacy laws because it includes no meaningful restrictions on the government’s use of the information shared with it and because it trumps all privacy laws in the service of cybersecurity,” Nojeim said.
The center receives some of its funding from technology companies including Google and Facebook Inc. (FB)
Two technology trade associations said yesterday their websites were disabled by so-called denial-of-service attacks led by the hacker-activist group Anonymous over their support of the Rogers bill. Such attacks involve flooding a website with traffic, causing it to temporarily crash.
USTelecom, which represents telephone companies such as AT&T Inc. (T) and Verizon Communications Inc. (VZ), and TechAmerica, whose members include International Business Machines Corp. (IBM) and Microsoft Corp. (MSFT), said they would continue to support the legislation after the Web-based assaults.
Rogers said today he is making changes to his bill, to let people sue the government for damages if it improperly uses information supplied by private companies, and clarifying that the Defense Department and U.S. intelligence agencies couldn’t direct companies to take actions when it comes to protecting their computer networks.
Under another modification, the Homeland Security Department would get copies of information that companies share with the government to help ensure privacy violations don’t occur, Rogers said.
Senate Democrats and President Barack Obama support a separate cybersecurity bill introduced by Senator Joseph Lieberman, a Connecticut independent, that would let the Homeland Security agency set regulations for operators of critical networks to improve their cyber defenses.
The Rogers bill is H.R. 3523. The Lieberman bill is S. 2105.
To contact the editor responsible for this story: Bernie Kohn at Bkohn2@bloomberg.net.