Data Privacy and Cybersecurity

Controversial Cybersecurity Act Slipped Into 'Omnibus' Budget Bill

Tossing CISA in with the federal government's budget bill means the contentious cybersecurity act is more likely to be signed into law.

Controversial Cybersecurity Act Slipped Into 'Omnibus' Budget Bill
Getty Images / T.J. Kirkpatrick
SMS

House Speaker Paul Ryan announced late Tuesday that Congress had agreed on a massive government spending bill. Buried in its 2,009 pages is CISA, a controversial cybersecurity act. (Video via C-SPAN)

Short for "Cybersecurity Information Sharing Act," CISA would allow companies to gather cybersecurity threat information from their networks and share the data "notwithstanding any other provision of law" with the Department of Homeland Security.

After that point, any shared information, even data that might compromise an individual's privacy, could also make its way to agencies like the FBI or NSA.

In October, lawmakers rejected all amendments to CISA, including those that would protect personal information or more clearly define a "cybersecurity threat" so that the law couldn't be abused. (Video via C-SPAN

But at the time, there was still a chance for the final language of the bill to be changed or clarified. Now, its inclusion in the "omnibus" bill has privacy advocates concerned.

Fight for the Future released a statement, saying, "This puts the controversial legislation on the path to a vote without meaningful transparency or debate on the final text."

But CISA supporters still argue that sharing data would actually be voluntary for companies and that any privacy concerns are merely misunderdstandings. (Video via University of North Carolina at Charlotte

Tossing CISA in with the federal government's budget bill means the cybersecurity legislation is now more likely to be signed into law than ever before — and this time with little room for changes.