In a 12-3 vote, the U.S. Senate Intelligence Committee approved a cybersecurity bill that would enhance how the government and the private sector share information on security threats with each other.
Known as the Cybersecurity Information Sharing Act, the bill is highly criticized by privacy groups because of the potential implications sharing data would have. Democratic Senators Mark Udall of Colorado and Ron Wyden of Oregon voted against the bill because the two felt insufficient privacy protections were in place. The senators agree though that there is a need to share information between the government and the private sector to better fight cybersecurity threats.
There is no argument that cybersecurity threats are very real, but wariness of the bill is understandable given that the country is still reeling from revelations about the NSA. In fact, many believe the passage of the bill will make it even easier for the agency to gather information on millions of innocent Americans. Senator Dianne Feinstein, chairman of the Senate Intelligence Committee, defended a provision that allows data on hacking threats to be accessed by agencies like the NSA in real time, saying that compromises had to be made to address concerns that the business sector and privacy groups had.
"Such sharing is for cybersecurity purposes only and companies must take appropriate measures to protect against the sharing of personally identifying information," according to an intelligence committee summary. To limit the government's use of data it receives, the bill will specify "cyber-related purposes to ensure it does not engage in inappropriate investigations or regulation."
"The legislation also directs the U.S. director of national intelligence to increase the amount of information the government shares with private firms and the Department of Homeland Security to set up and manage a data sharing portal," the committee added.
The bill appears to be trying to find common ground that would work for all parties involved so privacy groups can cool their jets for the mean time. It may also be amended once it hits the Senate floor so it's hard to say what the bill will be like by then.
What is undeniable is that some form of the bill must be passed into law because cybersecurity threats are causing the U.S. money. Up to $575 billion a year and more are being lost due to cybercrime, reports the Center for Strategic and International Studies in a study sponsored by McAfee Inc.