Congressman Adam Smith released the following statement after the House passed the Cyber Intelligence Sharing and Protection Act (CISPA):
“There has been an increase in cyber attacks on government agencies, financial institutions, and other private industries in the United States and globally. Our current defenses are not keeping pace with the increasing amount and sophistication of attacks, and our nation is at greater risk as a result. I voted for CISPA because it offers us an important opportunity to begin to get a handle on the real and growing cybersecurity threats that face us, but the bill is not perfect.
“I was pleased to see notable improvements in this legislation’s protection of privacy and civil liberties over previous versions. The elimination of a broad provision that allowed information sharing for “national security uses” was a major step to improve privacy concerns. Now the bill only allows information sharing for more specific threats: cybersecurity, cyber crimes, protection from mortal danger or harm, and protection of minors from child pornography. CISPA also mandates the government to minimize or remove personally identifiable information obtained from the private sector, requires civilian entities within the government to receive cyber threats and crimes, and adds oversight responsibilities for the Privacy and Civil Liberties Board (PCLOB).
“With that said, I do have significant privacy concerns with the legislation. The bill is still in need of stronger requirements for private companies to protect personal information and privacy before cybersecurity data is shared. Along with that, I have concerns that the liability protection provided by CISPA remains too broad for action taken by private entities in response to cyber threat information.
“CISPA will go to conference with cybersecurity legislation that is eventually passed by the Senate, and during that process I will continue to fight to protect personal privacy and alleviate civil liberty concerns. However, given the many intelligence briefs I have received as Member of Congress detailing previous cyber attacks and our vulnerabilities to future attacks, doing nothing to improve our defense against cyber attacks right now is unacceptable.”