In a nutshell, the Cyber Intelligence Sharing and Protection Act (CISPA) provides the government with the power to share classified information about security threats with certain U.S. companies so that these companies can use that information to better protect their computer networks that store sensitive, proprietary, and confidential information, including intellectual property and trade secrets. CISPA allows companies to share information relating to cyber security with government authorities and protects those companies against privacy lawsuits.
CISPA has broad support from many of the U.S.’s most powerful and influential companies and trade associations, including IBM and Verizon, the Securities Industry and Financial Markets Association, and the American Petroleum Institute. For a list of members of the House who supported CISPA, click here; for a list of businesses and trade associations that support CISPA, click here.
Critics of CISPA include the ACLU, which spearheaded a campaign against it and has taken the fight to constituents. According to the ACLU, this “broad legislation would give the government, including military spy agencies,
unprecedented powers to snoop through people’s personal information — medical records, private emails, financial information — all without a warrant, proper oversight or limits.”
The last time such heated debate on similar issues dominated the halls of Congress was the SOPA/PIPA legislation, which was killed by protest and the promise of a veto by President Obama.
The House of Representatives has amended and passed CISPA. The amendments that were debated and passed “tightened up language, restricted the type of information that can be shared with the government and gave the civilian-controlled Department of Homeland Security more oversight in the data-sharing process.” Despite the critics, who say the amendments to CISPA did not go far enough (e.g., removing the national security clause and ensuring civilian oversight), the bill heads next to the Senate.
CISPA is still just a bill. Even if it passes the Senate, President Obama may veto CISPA if it doesn’t include adequate privacy protections, as he has clearly expressed in a Statement of Administration Policy on April 25, 2012.