Privacy advocates satisfied with Lieberman’s cybersecurity rewrite

Revisions that Sen. Joe Lieberman (I-Conn.) made to his Cybersecurity Act seem to have appeased privacy advocates who lobbied against an earlier version of the bill.

Michelle Richardson, a legislative counsel for the American Civil Liberties Union (ACLU), told The Hill that Lieberman and other co-sponsors made "substantial changes" and undertook a "Herculean effort to build privacy protections" into the bill.

Sharon Bradford Franklin, senior policy counsel at The Constitution Project, applauded the changes, saying they "go a long way toward alleviating our concerns."


"The amendments address key civil liberties concerns that have dogged the cybersecurity debate," agreed Leslie Harris, president and CEO of the Center for Democracy and Technology.

The statements mark a major shift for the privacy groups, which had urged the Senate to reject the previous version of Lieberman's bill to prevent an erosion of civil liberties. 

Supporters of Lieberman's bill, including Sens. Susan CollinsSusan Margaret CollinsModerates' 0B infrastructure bill is a tough sell with Democrats OVERNIGHT ENERGY: Senate confirms Mallory to lead White House environment council | US emissions dropped 1.7 percent in 2019 | Interior further delays Trump rule that would make drillers pay less to feds Anti-Asian hate crimes bill overcomes first Senate hurdle MORE (R-Maine), Dianne FeinsteinDianne Emiel FeinsteinOvernight Defense: Army moves to combat sexual crimes | Eight West Point cadets expelled | Democratic senators want to restrict F-35 sale to UAE A proposal to tackle congressional inside trading: Invest in the US Democratic senators seek to constrain F-35 sale to UAE MORE (D-Calif.) and Jay RockefellerJohn (Jay) Davison RockefellerBottom Line World Health Day: It's time to fight preventable disease Lobbying World MORE (D-W.Va.), conducted months of negotiations behind closed doors with the privacy groups to develop the revised proposal.

Sens. Al FrankenAlan (Al) Stuart Franken#MeWho? The hypocritical silence of Kamala Harris The Hill's Morning Report - Presented by Facebook - Senate Dems face unity test; Tanden nomination falls Gillibrand: Cuomo allegations 'completely unacceptable' MORE (D-Minn.), Dick DurbinDick DurbinBiden angers Democrats by keeping Trump-era refugee cap Chicago Police Union head calls Adam Toledo shooting 'justified,' says 'officer's actions actually heroic' Progressives put Democrats on defense MORE (D-Ill.) and Ron WydenRonald (Ron) Lee WydenGOP senator: Raising corporate taxes is a 'non-starter' Democrats get good news from IRS IRS chief warns of unpaid taxes hitting trillion MORE (D-Ore.) also pushed for tougher privacy protections.

Like the controversial Cyber Intelligence Sharing and Protection Act (CISPA) that passed the House in April, Lieberman's Cybersecurity Act would encourage companies to share information about cyber threats with the government. 

The privacy groups fought fiercely against CISPA, saying it would lead private companies to hand over their customers' personal information to military spy agencies. 

President Obama also threatened to veto CISPA over privacy and civil liberty concerns.

The revised Lieberman bill narrows the definition of what can be shared and requires that any information shared with the government must go to civilian, not military, agencies. The privacy groups argue that the legislation should not empower the CIA and the National Security Agency (NSA) to collect Americans' personal computer information.

The bill also dictates that the information can only be used for addressing cybersecurity threats and not other purposes, such as national security or criminal investigations. 

"We have worked very closely with Senate colleagues, privacy groups and industry to strengthen the bill's privacy protections without undermining the fundamental goal of improving information cybersecurity sharing," Feinstein said in a statement. "I believe the bill is stronger as a result of these changes."

But the privacy groups stopped short of a full-throated endorsement of the bill. The ACLU's Richardson said "not all of the problems with the Cybersecurity Act are solved yet," and Gregory Nojeim, a director for the Center for Democracy and Technology, said "more work needs to be done on the Senate floor to secure CDT’s support for this legislation." 

The groups' statement, however, focused on urging lawmakers not to water down the protections that are already in place.

But appeasing the privacy groups may have moved the bill's supporters farther away from winning over business groups.

One industry official argued that companies should not be restricted from sharing information with military agencies.

"Sometimes it is appropriate for us to talk directly with [the Defense Department] or NSA," the official said.