OVERNIGHT TECH: Privacy groups unimpressed with cybersecurity bill changes

On Monday, the House Intelligence Committee released a revised version of the bill aimed at addressing the privacy groups' concerns. 

Committee Chairman Mike Rogers (R-Mich.) trumpeted the changes on Tuesday and said he had made "huge progress" with the privacy community.


But representatives from the three groups told The Hill on Tuesday that they still oppose the bill.

Michelle Richardson, legislative counsel for the ACLU, said the changes are mostly "cosmetic." And Kendall Burman, a senior fellow for CDT, said the changes "do not touch the core concerns" her group has with the bill.

"It's hard to even say it's going in the right direction," Burman said.

Free Press Action Fund Director Matt Wood called the changes "somewhat helpful, potentially," but said the language is still too broad and there aren't enough limits on what the government can do with the information it collects.

The new draft of CISPA uses a different definition for a "cyber threat" that leaves out any reference to intellectual property infringement. Critics had warned that the bill's definition was so broad that it could include people illegally downloading music and movies.

The new provision defines a cyber-threat as an effort to "gain unauthorized access to a system or network."  

Free Press's Wood said the change moves the bill "in the right direction" but is still too broad. CDT's Burman said companies could still "over-share information that is unrelated to cybersecurity threats."

The new draft would also require that the Homeland Security Department have access to all information shared with the government. Privacy advocates prefer that a domestic agency like Homeland Security play a central role in the information-sharing process instead of a spy agency like the National Security Agency.

But the privacy groups noted that the change doesn't prevent companies from handing over private information to NSA or the CIA — they would just have to also share it with the Homeland Security Department. 

The new draft would also give people and companies the right to sue the government if it mishandles the information.

"There's still a lot of room on what we would need to see on the privacy front," Burman said.

In a statement Tuesday, the Intelligence Committee said, "Chairman Rogers and Ranking Member [Dutch] Ruppersberger [(D-Md.)] remain committed to continuing to work with all interested parties to continue to improve the bill."

Homeland Security to mark up Lungren cybersecurity bill: The House Homeland Security Committee will vote on amendments on Wednesday to Rep. Dan Lungren's (R-Calif.) cybersecurity bill, the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness (PRECISE) Act.

The committee released a revised version of the bill on Tuesday. The new draft drops provisions that would have required standards for critical infrastructure systems, moving the bill closer to Rogers's CISPA. 

Lungren said:

“This revised legislation that we will consider Wednesday would improve upon our current, ineffective, and unacceptable cybersecurity situation. This bill strengthens DHS’ cybersecurity functions and begins to fix the current, ineffective and broken system in place for sharing cyber threat information, the cornerstone of cybersecurity. This bill is a good first step, but there is certainly more to be done to better secure key information systems in this country from cyber attack.”


Rep. Mike Rogers (R-Mich.) said Google has been working behind the scenes and is "supportive" of CISPA.

CTIA-the Wireless Association called on the Senate to end "discriminatory" taxes on wireless services and create a single taxation framework for digital media purchases.

Companies urged Congress to act on cybersecurity legislation.

The Sunlight Foundation slammed Congress for not streaming more hearings.