The House of Representatives Passes Bipartisan Cybersecurity Information-Sharing Bill


A special to USLAW NETWORK and USLAW DigiKnow

By Karen Painter Randall, Connell Foley LLP, Roseland, New Jersey

The House of Representatives recently passed a bipartisan cybersecurity bill to make it easier for companies to share cyber-threat information with the government and thwart hacks by criminals, terrorists, and rogue nations.

In the first action taken by the new Congress in response to recent high-profile cyber-attacks, lawmakers voted 307-116 to approve the Protecting Cyber Networks Act, which was previously passed by the House’s Permanent Select Committee on Intelligence. The Senate intelligence committee passed its own cybersecurity information-sharing bill in March of this year, which they hoped to bring it to the floor shortly. Both the House-passed bill and the bill approved by the Senate intelligence committee offer liability protection to companies to shield them from lawsuits that could arise from the sharing of business records with the government and with one another. Previously, businesses have been reluctant to report to the government a cyber-attack out of fear of lawsuits from consumers or privacy groups. However, the proposed bill would shield businesses from liability and encourage the sharing of information. One key difference between the two bills is that the Senate bill requires any information shared by private companies to first go through the Department of Homeland Security, whereas, the House bill would allow companies to share their cyber-threat information with any civilian agency. Thus, for example, a bank could go straight to the Treasury Department for assistance related to a cyber-attack.

The bill passed by the House also makes the federal government liable for violations of privacy and civil liberties, and allows citizens who believe their privacy has been violated to seek damages from the government in Court.

Recently breached companies such as JPMorgan Chase, health insurer, Anthem, aviation companies and automobile manufacturers are actively lobbying and supportive of the cybersecurity information-sharing bills with the hope of limiting their liability.

Despite these new laws, there are many who believe that it will not significantly reduce security breaches, and that the private sector is already doing a good job of information sharing. Moreover, critics do not believe the information sharing bill addresses the real problem that sophisticated hackers will continue to penetrate what are in many cases inherently vulnerable systems.

Designed & Developed by Peak Seven