Controversial cybersecurity bill passed in Congress

The lower house of the United States legislative assembly hash today passed a controversial intelligence gathering bill after key amendments were made to limit its scope and enhance the privacy provisions contained within it.

Named the Cyber Intelligence Sharing and Protection Act or CISPA [PDF] for short the bill, if enacted in law, sets up a formal information sharing structure between the US Government and private organisations, and exempts the latter from sanctions resulting from privacy violations.

Like the preceding Stop Online Piracy Act or SOPA, CISPA has come under fire for being too broad in scope and potentially harming civil liberties and privacy by granting authorities the right to conduct warrantless spying without informing people.

A petition against the bill has gathered over 111,000 signatures so far, and the Obama administration said last year it would veto CISPA [PDF] as it "fails to provide authorities to ensure that the nation's core critical infrastructure is protected while repealing important provisions of electronic surveillance law without instituting corresponding privacy, confidentiality, and civil rights safeguards."

One of the congressmen voting for the bill, Utah Republican Jason Chaffetz, who also chairs the House of Representatives' Technology Operation Team, said it was acceptable to him after several amendments limited its scope.

According to Chaffetz, the definition of “cyber threat information” was narrowed by removing references to intellectual property, making it clear that CISPA wasn't a backdoor SOPA bill, which infuriated civil rights advocates last year with its broad provisions in that area.

Furthermore, in another amendment the US Government is prohibited from from using records from libraries, book sales, educational and medical institutions, tax returns and more that it might receive from private entities.

As amended, CISPA could only be used by the US Government for cybersecurity and cybercrime issues, Chaffetz said, as well as to protect individuals from physical injury or death, minors from physical and psychological harm and to safeguard the national security of the country.

The type of information that could be identified, obtained, and shared was also significantly narrowed, Chaffetz said, and the provisions in the bill would be "sunset" five years after it was enacted.

While CISPA passed in the house of representatives with a large majority - 288 voting for the bill and 127 against it - it will now go to the upper house, the Senate, where it faces an uncertain future.

The White House has yet to comment on whether the amendments to the bill are acceptable to the Obama administration, or if the government intends to veto CISPA anyway.