updated 04:17 pm EDT, Thu April 11, 2013
Statement by NSC claims revisions made to bill insufficient
The White House has responded to the 2013 version of the Cyber Intelligence Sharing and Protection Act (CISPA) bill heading to the House floor for a vote. National Security Council (NSC) spokesperson Caitlin Hayden issued a statement saying that "[the White House believes] the adopted committee amendments reflect a good-faith effort to incorporate some of the Administration's important substantive concerns, but we do not believe these changes have addressed some outstanding fundamental priorities" and intimated that the President would veto the bill as it stands.
Hayden did remark that the administration would continue to work with Congress to draft cybersecurity legislation, stating that "we continue to believe that information-sharing improvements are essential to effective legislation, but they must include privacy and civil liberties protections, reinforce the roles of civilian and intelligence agencies, and include targeted liability protections."
The bill was debated behind closed doors, and passed through the House Intelligence Committee yesterday after very few amendments were made. The exact text of the bill, even pre-amendment, has not been made public. Changes made to the bill require the government to redact personal information from the cyber threat data collected by companies and provided to the government, in addition to the removal of a vague provision in the bill allowing the government unfettered access to the information for "national security purposes."
This year's version of CISPA has the same goals as the 2012 version -- the bill is aimed at streamlining the process that currently prevents governmental and private-sector sharing of information about malicious source code, ongoing attacks, and other internet-based threats. The goal is information-sharing in real-time, ostensibly to aid US commerce and government forces in preventing and stopping attacks. Critics of the bill are concerned with the bypassing of legal privacy protections, as well as giving a large amount of collectible data about Internet users to the National Security Agency for use as it sees fit.