But in lengthy remarks on the House floor, Committee Chairman Mike Rogers (R-Mich.) said the bill was designed with privacy in mind.
"We believe this: this bill will not work if Americans don't have confidence that it will protect your privacy and civil liberties," Rogers said.
Rogers noted that under the bill, companies would not be compelled to share any information with the government. And if they do, the bill restricts the kind of data the government can use, requires that it only be used to fight cyber attacks, and allows for lawsuits against the government if these rules are violated.
Rogers was joined by ranking member Dutch Ruppersberger (D-Md.), who stressed that just 10 companies provide 80 percent of all U.S. information networks. He said that means a better public-private partnership must be struck on cyber issues.
"In order for us to protect the United States of America from cyber attacks, we need to make sure that the government has a partnership with the private sector, and that they can pass the threat information so that the government can help protect," he said.
Both members noted that they have agreed to an amendment that would let companies share cyber threat information with civilian agencies, the Departments of Justice and Homeland Security. That amendment, which will be debated later today, is one that they hope assures people concerned with privacy.
Not all House members were assured by Rogers and Ruppersberger. Rep. Mike Thompson (D-Calif.) said he still worries that the wrong data will fall into the government's hands, although he acknowledged that this is only a possibility.
"I remain somewhat concerned that the bill as drafted could lead to the broad sharing of consumers' information, which in turn could be used to ways unrelated to combatting cybersecurity threats," he said. "And I emphasize could, could be used."
Rep. Jan Schakowsy (D-Ill.) said she worries that the bill would let the military "directly collect personal information on American citizens." But Rogers rejected that characterization.
"No where in this bill does it allow the military to collect information on private citizens in the United States," he said. "This is not a surveillance bill.
"It does not allow the military to surveil private networks in the United States, period, end of story."
Late Wednesday afternoon, the House voted on a handful of amendments; votes on the remaining amendments are expected Thursday.
Amendment votes held Wednesday were on proposals from:
— Mike Rogers (R-Mich.), clarifying the bill to ensure medical, tax and other personal records are not sent to the government. Passed 418-0.
— Gerry Connolly (R-Va.), to define how classified cyber threat intelligence may be shared and used, and to ensure that classified threat intelligence may only be used, retained, or further disclosed by a certified entity only for cybersecurity purposes. Passed 418-0.
— Bradley Schneider (D-Ill.), to clarify that independent contractors are eligible for security clearances for purposes of employment to handle cyber threat intelligence and cyber threat information. Passed voice vote.
— Jim Langevin (D-R.I.), to ensure utilities in certain regions of the country are covered by language on information sharing. Passed 411-3.