The so-called “omnibus” funding bill, which easily passed in the Senate, also in the process gave congressional approval to the landmark Cybersecurity Act. Such liability protections are necessary to incentivize data sharing with the government, and have been a major reason why prior bills have failed to pass. Supporters of the cyber sharing bill say it’s necessary to raise the cost to an attacker and ensure the same threats aren’t repeatedly deployed.
The legislation will allow private companies to share user data with the Department of Homeland Security, which would then be obligated to share the data across “relevant government agencies”, presumably including the Federal Bureau of Investigation and the NSA.
Schneck said in remarks at a CS&C December 16 Industry Day that the NCCIC now has “infrastructure protection watch personnel sitting with our cyber watch personnel”, to provide wider situational awareness of physical and cyber threat information.
“There’s plenty wrong with this omnibus, but there’s nothing more egregious than the cyber language they secretly slipped in”, Mr. Amash said in a follow-up with the Hill. “But that’s the nature of legislation and compromise, and I think the system worked”. It also makes the Department of Homeland Security the primary portal for sharing the information. “The president has lengthy referred to as on Congress to cross cybersecurity info-sharing laws that may assist the personal sector and authorities share extra cyberthreat info by offering for focused legal responsibility protections whereas rigorously safeguarding privateness, confidentiality, and civil liberties”, the official stated. It limits the government use of threat information to cybersecurity purposes, which includes threats to minors and countering cyber-related crimes.
It’s beginning to look like the Snowden moment – the reform movement sparked by revelations by former National Security Agency contractor Edward Snowden of pervasive, illegal and largely uncontrolled government spying – may be passing.
There have also been warnings by privacy advocates such as the Electronic Frontier Foundation that the bill is a swamp of “immunity clauses, vague definitions and aggressive spying powers” that have turned it into a surveillance bill.
He later signed the bill into law in a low-key Oval Office ceremony. “Americans demand real solutions that will protect them from foreign hackers, not knee-jerk responses that allow companies to fork over huge amounts of their customers’ private data with only cursory review”. “I was unable to vote for the Omnibus spending bill today because it included an extraneous provision purported to facilitate cybersecurity information sharing that-in effect-will function as a surveillance tool”, she said in a statement.
A large number of Silicon Valley companies such as Apple, Yelp and Dropbox have publicly opposed earlier versions of the legislation, but some tech firms involved in cybersecurity such as IBM have supported the effort.
Not everybody in the Democratic Party is happy about the controversial cybersecurity bill.
The Oregon senator added: “Americans deserve policies that protect both their security and their liberty”. While it has been called a cyber-security bill, its critics are frank in calling it a surveillance bill in disguise.
Architects of the deal worked overtime this week cajoling rank-and-file members on both sides into backing the $1.149 trillion, catch-all bill which came in at more than 2,000 pages.