Thursday, April 26, 2012

Military and Government Access to Your Data? House Clashes Over CISPA

Members of the House today debated a controversial cyber-security bill, with supporters arguing that it's necessary to keep Americans safe, and detractors saying it will essentially incentivize companies to hand over users' personal information to the government and military.

At issue is the Cyber Intelligence Sharing and Protection Act (CISPA), which would allow for voluntary information-sharing between private companies and the government in the event of a cyber attack. Backers argue that it's necessary to protect the U.S. against cyber attacks from countries like China and Iran, but opponents say that it would allow companies to hand over users' private information at will.

Concerns about provisions of the bill prompted its sponsors, Mike Rogers and Dutch Ruppersberger, to issue several amendments this week, which clarify how and when data can be collected and used. But some - including the White House - do not believe the bill does enough to protect civil liberties.

"This Is Not Surveillance"

During a debate on the House floor this afternoon, Rogers insisted that "there is no government surveillance [with CISPA]. None. Not any."

Rep. Rogers pointed to a credit card company that reported being attacked, on average, about 300,000 times per day, as well as a company that lost about 20,000 manufacturing jobs because "countries like China stole their intellectual property and illegally competed against them in the marketplace."

"This is as bad a problem that I've ever seen," Rogers said.

Ruppersberger echoed that sentiment. "This is not surveillance," he said. The type of information companies might hand over would be "machine codes consisting of zeros and ones" - code that "will be used to protect against similar attacks in the future."

Rep. Jared Polis, a Colorado Democrat, however, argued that CISPA forces Internet users to "make a false choice between security and liberty."

Legislation to address information sharing is necessary, but CISPA is an "unprecedented, sweeping piece of legislation that would waive every cyber security bill ever enacted" in the name of security, Polis said.

There's nothing in the bill, Polis continued, to stop companies from sharing users' personal information with every branch of the government, including the military and the National Security Agency.

Much has been made about the voluntary nature of the bill, and while CISPA may be optional for corporations, "is it optional for users?" Polis asked. "Outside of any legal process, this gives that company the ability to share wholesale information that can include health records, firearm registration information, credit card information, account information, political information, with secret government authorities."

Civilian agencies like the Department of Homeland Security and FBI "strike a fine balance" between privacy and security, but "the military and NSA are unaccustomed to that balance," Polis said.

The congressman also expressed concern that CISPA could be used for political oppression. The immunity clause, meanwhile, provides "no incentive for companies to withhold their customers' private information," Polis said. "CISPA actually incentivizes [companies to hand over] all their information to the government so they can take advantage of this blanket immunity."

Mac Thornberry, a Texas Republican, however, argued that the number of cyber threats has grown rapidly in recent years, but legislation has not kept pace. CISPA tries "to close that gap between the growing threat and laws and policies, [and is] a step in the right direction," he said.

Rep. Richard Nugent, a Florida Republican, pointed to 9/11, and said the inability to communicate that day resulted in many deaths. "So now we want to set ourselves up for a greater catastrophe? One that could bring our nation down to its knees or worse?" he asked.

The co-chairs of the Bi-partisan Privacy Caucus, meanwhile, Democrat Edward J. Markey and Republican Joe Barton, urged the House not to proceed with a vote on CISPA.

"If this piece of legislation had a privacy policy, it would be 'You have no privacy!' In its current form, this legislation would allow companies to share personal information about consumers with other companies, even if that information has nothing to do with cybersecurity," they said in a joint statement. "The bill also frees companies from liability if they share this personal, sensitive information. This is unacceptable, and we urge a NO vote on this inadequate legislation."

The House continues to debate CISPA this afternoon; follow along via houselive.gov. A vote is expected tomorrow.

For more from Chloe, follow her on Twitter @ChloeAlbanesius.

For the top stories in tech, follow us on Twitter at @PCMag.