The US House of Representatives on Wednesday passed a bill aimed at improving the sharing of information about cybersecurity threats between the government and the private sector.
The measure, passed on a 307-116 vote, would give President Barack Obama’s administration most of what it sought, but the bill has raised objections from civil liberties activists.
Obama has been for years seeking a cybersecurity bill that allows companies to share information on threats without fear of liability.
But some activists argued that the bill encroaches on civil liberties in its bid to improve cybersecurity.
Greg Nojeim at the Center for Democracy & Technology said the bill could allow the government to create a vast database which could be used for unrelated criminal investigations.
“That makes the bill look as much as a surveillance bill as a cybersecurity bill,” Nojeim told AFP.
The measure also appears to shield companies which seek to “hack back” after a cyberattack, Nojeim said.
“The last thing a cybersecurity bill should do is allow hacking back, which creates insecurity,” he said.
The White House this week expressed similar concerns, saying the House bill “authorizes the use of certain potentially disruptive defensive measures” and that this “raises significant legal, policy, and diplomatic concerns and can have a direct deleterious impact on information systems and undermine cybersecurity.”
During the debate, Representative Jim Langevin said it was “particularly important” to codify an information-sharing framework.
“From data breach to critical infrastructure protection, our ever more connected world ensures that there will be a further demand for congressional action,” he said.
A separate cybersecurity bill is pending in the Senate, and if it clears that chamber, the two would have to be reconciled by a joint committee before sending it to the White House.
