The National Cable & Telecommunications Association says it looks as though the Cybersecurity Information Sharing Act of 2015 (CISA) will be moving to a Senate vote.
The bill, which passed 14-1 out of the Senate Select Committee March 13, would make it easier for NCTA members to share cyber threat indicators (CTIs)—usually computer code—and to take defensive measures to counter such attacks from botnets, viruses, malware and more.
The legislation authorizes voluntary sharing of cyber threat information between companies and with the government, with the stipulation that companies have to take "appropriate measures" to protect against sharing personally identifiable information. It includes liability protections for companies and individuals who do share information.
Critics of the bill have said it allows for more government surveillance, but NCTA says its modifications—limiting sharing of threat information to cybersecurity purposes and prohibiting it from being used to investigate even "serious violent felonies"—should assuage privacy and civil liberties groups claiming it is a surveillance bill.
NCTA says the bill "can in no way be misused as a 'surveillance' bill. Its scope is extremely narrow, and specifically aimed at protecting business, individuals, and critical Internet infrastructure from malicious cyber attacks," NCTA blogged this week.
USTelecom agrees. "In this post-Snowden era, it regrettably has become all too easy to assume that anytime the federal government is involved in online activities related to security, there could be some nefarious angle related to 'spying' or 'surveillance' involved," USTelecom blogged back in August. "But it’s crucial the Senate look at facts, not fear-mongering. No matter how often the opponents of this legislation claim that CISA is a surveillance bill, their claim, in the words of Sen. Dianne Feinstein (D-CA), is 'bogus … a detriment to us in taking this first step to protect our American industries.'”