The Cyber Intelligence Sharing and Protection Act (CISPA) is back in a familiar form. The controversial bill, which would allow private entities to share users’ information with government intelligence agencies, passed the House of Representatives in an identical form last year, but did not make it out of the Senate. The bill met with stiff opposition. Critics claimed it did not do enough to protect Americans from the prying eyes of surveillance agencies and corporations.
The bill applies to “certified entities,” which it defines as any “protected entity, self-protected entity, or cybersecurity provider that—(A) possesses or is eligible to obtain a security clearance, as determined by the Director of National Intelligence; and (B) is able to demonstrate to the Director of National Intelligence that such provider or such entity can appropriately protect classified cyber threat intelligence.”
It would allow such entities—corporations, nonprofits, and government agencies, among others—to share “cyber threat intelligence” with other certified entities, “notwithstanding any other provision of law.” In other words, CISPA is written to trump any past or future legislation which might take issue with such sharing. Opponents, including the American Civil Liberties Union (ACLU) and the Electronic Frontier Foundation (EFF), have argued that the bill would sacrifice internet users’ privacy by allowing companies to share users’ data with agencies like the NSA without any oversight.
Proponents argue that allowing private companies to share potentially threatening information with government agencies might prevent cyberattacks.
On January 8, Congressman Dutch Ruppersberger, a Maryland Democrat, reintroduced the bill in the House as H.R. 234. The 2015 version of the bill is identical to the one passed by the House in 2014, a Ruppersberger spokeswoman said.
Several iterations of the bill have been introduced in the House and Senate since 2012, but none have been approved, and Obama threatened to veto the bill in 2013, citing privacy concerns.
GovTrack, a government transparency service, gives H.R. 234 less than a 1 percent chance of passage.