Cybersecurity Information-Sharing Bill Heading for Approval in Senate

NEWS ANALYSIS: Despite opposition by Silicon Valley and tech industry advocates, security sharing legislation will probably pass the Senate this week.

Cybersecurity Bill 2

Barring some potential, but unlikely, parliamentary maneuvers, the U.S. Senate will probably pass the Cybersecurity Information Sharing Act the week of Oct. 26.

The bill survived the procedural process last week, and if it's approved by the full Senate, then Congress may consider a number of amendments intended to answer some of the most significant objections. The vote on the full bill is scheduled for Oct. 27, assuming that nothing interrupts the vote, which is always possible.

Senate rules allow members great latitude in how bills progress to an eventual vote. For example, a senator can put a hold on a bill for any number of reasons and while such a hold can be overcome by a 60-vote supermajority, that takes time and could result in the bill eventually becoming superseded by other legislation, such as approving the rise in the debt limit.

In addition, proposed amendments to the bill could be approved or they could be dismissed in their entirety in parliamentary wrangling. Because most of those amendments address concerns in the privacy aspects of the bill, such a change could also delay passage.

However the procedural vote that sent the bill to the full Senate for action passed by a lopsided 83-to-14 margin, far more than the 60-vote margin required to pass the bill. This would indicate that the votes are there to overcome any attempts to block passage, except in unusual circumstances.

Part of the reason that passage seems assured is that this is very much a bipartisan bill. The co-sponsors of CISA are the co-chairs of the Senate Intelligence Committee, Richard Burr (R-N.C.) and Dianne Feinstein (D-Calif.). In addition, the White House has expressed strong support for the bill.

The primary sticking point in CISA is privacy protections for personal identity data in information that's shared with the government as part of a cyber-security investigation. Opponents see the sharing as a way for the National Security Agency or other government agencies to get their hands on personal information that might not otherwise be available or part of the scope of an active investigation.

Already, the Senate has rejected a proposed amendment by Senator Rand Paul (R-Ky.) that would have required companies to adhere to their stated privacy practices when turning over information to the government.

Once the bill has passed the Senate, assuming it does, it then must go to the House of Representatives. Whether the CISA bill will pass the House remains to be seen, especially considering that the body is preoccupied with electing a new speaker. Until that happens, any other legislation will be secondary and controversial legislation facing strong opposition from businesses and business lobbying groups seems sure to meet resistance in the house.

Wayne Rash

Wayne Rash

Wayne Rash is a freelance writer and editor with a 35 year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He covers Washington and...