Overnight Cybersecurity: Cyber sharing bill finally hits Senate floor

Welcome to OVERNIGHT CYBERSECURITY, your daily rundown of the biggest news in the world of hacking and data privacy. We're here to connect the dots as leaders in government, policy and industry try to counter the rise in cyber threats. What lies ahead for Congress, the administration and the latest company under siege? Whether you're a consumer, a techie or a D.C. lifer, we're here to give you ...

THE BIG STORIES:

--IT'S HERE, IT'S HERE!: The protracted fight over a stalled cybersecurity bill finally hit the Senate floor Tuesday afternoon, ending months of false starts for the controversial measure. The Cybersecurity Information Sharing Act (CISA) has been delayed since March because of a packed Senate floor schedule and a fight from privacy advocates over the legislation, which would give companies legal liability protection when sharing cyber threat information with the government in an effort to boost the exchange of hacking data. CISA originally came to the Senate floor earlier this year ahead of the August recess. Lawmakers punted on the legislation but agreed to consider at least 22 amendments with no time limit when the legislation was brought back up. "Actors around the world continue to attack U.S. systems, and in many cases penetrate it," Senate Intelligence Committee Chairman Richard BurrRichard Mauze BurrPublic health expert: Biden administration needs to have agencies on the 'same page' about COVID Top Biden adviser expresses support for ban on congressional stock trades Biden's FDA nominee advances through key Senate committee MORE (R-N.C.) said on the floor, making his opening pitch for the bill he co-sponsored. "The amount of personal data that's being accumulated out there somewhere provides almost a road map to everything about anybody."

ADVERTISEMENT
--WHAT'S IN THE BOX?!?!: In a move that will help speed movement of the bill, Burr revealed that Senate leaders had agreed to attach eight of the amendments to a manager's package from himself and Sen. Dianne FeinsteinDianne Emiel FeinsteinLawmakers in both parties to launch new push on Violence Against Women Act Domestic travel vaccine mandate back in spotlight Biden, lawmakers mourn Harry Reid MORE (D-Calif.), CISA's other co-sponsor. But privacy advocates' favored amendment from Sen. Ron WydenRonald (Ron) Lee WydenSanders, 50 Democrats unveil bill to send N95 masks to all Americans Manchin told White House he would back version of billionaire tax: report Democrats look to scale back Biden bill to get it passed MORE (D-Ore.) did not make it, meaning the add-on faces an uphill battle. The proposal would require a system to review all cyber threat data passed to the government and remove any personal information. Of his two amendments, Wyden told reporters this is the one "I feel most strongly about." Wyden's other amendment -- which would create a process to notify people whose personal information has been inappropriately shared -- will be included in the manager's package, which is expected to pass. The inclusion didn't win over the Oregon Democrat, who blocked Burr's attempt to schedule a final vote on all amendments and the bill for Thursday morning. "Even with the manager's amendment, the core privacy issues are not being dealt with," Wyden said on the floor. To read our full piece, click here.

--WE GOT YOU: The House approved a bill Tuesday to extend certain Privacy Act rights to European citizens -- a must-pass bill if the United States wants to finalize an agreement with European countries to share law enforcement information. The Judicial Redress Act, which passed by voice vote, would allow European citizens to file legal action in U.S. courts if the United States unlawfully disclosed their personal information. Technology companies have seen the bill as an important way to improve overseas trust after a series of U.S. surveillance disclosures. The United States and European countries have tentatively agreed to a privacy agreement to allow them to more easily share law enforcement information. But Europeans said no final agreement would be penned until Congress extended the Privacy Act rights to its citizens. To read our full piece, click here.

 

UPDATE ON CYBER POLICY:

--MARCHING FORWARD. Even though Wyden stymied Burr's attempt to set up a final vote on Thursday, Senate Majority Leader Mitch McConnellAddison (Mitch) Mitchell McConnellNAACP president presses senators on voting rights: 'You will decide who defines America' Sununu says he skipped Senate bid to avoid being 'roadblock' to Biden for two years 'All or nothing' won't bolster American democracy: Reform the filibuster and Electoral Count Act MORE (R-Ky.) still moved late Tuesday to end debate on CISA. The Republican leader filed cloture on the manager's amendment, which includes a slate of amendments to the legislation, as well as on the underlying legislation, CISA. Under Senate rules that would set up the first procedural hurdle for Thursday on ending debate on the substitute amendment unless senators can get a deal to speed up the votes. No vote has been scheduled.

Check out our full piece, here.

 

LIGHTER CLICK:

--WHERE WE'RE GOING, WE DON'T NEED ROADS. Wednesday, Oct. 21, 2015, is the exact day Marty McFly and company found themselves transported to in the classic 1989 flick "Back to the Future: Part II."

The folks over at the CraveCast podcast are going deep dive for the occasion: "We'll grab a few bottles of Pepsi Perfect, lace up our Nikes without touching them and lament how limited the real hoverboards of 2015 are compared with Hollywood's vision for us when we were decades younger." Listen here.

 

WHO'S IN THE SPOTLIGHT:

--THE TEENS WHO MAYBE HACKED THE CIA DIRECTOR'S EMAIL? There still aren't clear answers on whether CIA Director John Brennan actually had his email account hacked by two high school hackers. But the pair's Twitter accounts have now been taken down.

Per NBC News: "One account, which had posted a spreadsheet of current and former intelligence officials, containing email addresses and social security numbers, became inactive late yesterday. The second, used by a hacker calling himself "Cracka", went down this afternoon. About an hour before it became inactive, the hacker posted a Tweet with one word: 'bye.' Before shutting down, the Twitter account linked to other sites, which displayed what purported to be a recent log of phone calls made by Avril Haines, a former CIA official."

Read on, here.

 

A LOOK AHEAD:

WEDNESDAY

--The Cato Institute will host an all-day conference on surveillance. Sen. Patrick LeahyPatrick Joseph LeahyFormer US attorney considering Senate run in Vermont as Republican The Hill's 12:30 Report: Sen. Kaine, drivers stranded in I-95 backup Senate delays vote as DC hit by snowstorm MORE (D-Vt.) will speak, alongside intelligence officials.

--CSM Passcode will host an event at 9 a.m. on how government policy can help secure the Internet of Things. Sen. Brian Schatz (D-Hawaii) and FTC Commissioner Julie Brill will speak.

--The House Homeland Security Committee will hold a hearing at 10 a.m. on worldwide threats. DHS Secretary Jeh Johnson, FBI Director James Comey, and NCC Director Nicholas Rasmussen will testify.

--Two subcommittees of the House Science and Technology Committee will hold a joint hearing at 10 a.m. on cybersecurity for power systems.

--The House Small Business Committee will hold its second hearing at 11 a.m. on how the transition to chip cards is affecting small businesses.

--The House Oversight Committee will hold a hearing at 2 p.m. on the government's use of cell phone tracking tools.

 

IN CASE YOU MISSED IT:

Links from our blog, The Hill, and around the Web.

An Irish privacy watchdog will move to probe Facebook. (The Hill)

Microsoft's plan to avoid a "return to the digital dark ages" in the wake of the EU's Safe Harbor ruling. (The Washington Post)

The dark Web is becoming a safe haven for malware. (Motherboard)

How a criminal ring defeated the secure chip-and-PIN credit cards. (ArsTechnica)

Sony Pictures hack victims stand to gain little from class-action lawsuit. (The Guardian)

The State Department pushed back at reports about its weak cybersecurity program under former Secretary of State Hillary ClintonHillary Diane Rodham ClintonThe Hill's Morning Report - Presented by Facebook - Democrats see victory in a voting rights defeat Left laughs off floated changes to 2024 ticket A year into his presidency, Biden is polling at an all-time low MORE. (Bloomberg)

A tech- and privacy-backed group announced that its free security certificates are now trusted by all major browsers. (The Next Web)

The Department of Energy awarded Dartmouth College nearly $1 million to work on power grid cybersecurity. (The Concord Monitor)

 

If you'd like to receive our newsletter in your inbox, please sign up here: http://goo.gl/KZ0b4A