CISPA suffers setback in Senate citing privacy concerns

A Senate committee chairman said the cybersecurity bill passed by the House is "important," but its privacy protections are "insufficient." A new report suggests separate bills will be drafted.

Zack Whittaker Writer-editor
Zack Whittaker is a former security editor for CNET's sister site ZDNet.
Zack Whittaker
2 min read
U.S. Capitol
Shara Tibken/CNET

The Senate will almost certainly kill a controversial cybersecurity bill, recently passed by the House, according to a U.S. Senate Committee member.

The comments were first reported by U.S. News on Thursday.

Sen. Jay Rockefeller, D-W.Va., the chairman of the U.S. Senate Committee on Commerce, Science and Transportation, said in a statement on April 18 that CISPA's privacy protections are "insufficient."

A committee aide told CNET on Thursday that Rockefeller believes the Senate will not take up CISPA. The White House has also said the president won't sign the House bill.

Staff and senators are understood to be "drafting separate bills" that will maintain the cybersecurity information sharing while preserving civil liberties and privacy rights.

Rockefeller's thoughts on CISPA are significant, because as head of the Commerce Committee, he leads the branch of the Senate that will be the first to debate its own cybersecurity legislation.

Michelle Richardson, legislative council with the American Civil Liberties Union, told the publication that she thinks CISPA is "dead for now," and that the Senate will "probably pick up where it left off last year."

The Cyber Information Sharing and Protection Act, commonly known as CISPA, permits private sector companies -- including technology firms, such as Facebook, Twitter, Google and Microsoft, among others -- to pass "cyber threat" data, including personal user data, to the U.S. government.

This means a company like Facebook, Twitter, Google, or any other technology or telecoms company, including your cell service provider, would be legally able to hand over vast amounts of data to the U.S. government and its law enforcement -- for whatever purpose it deems necessary -- and face no legal reprisals.

Civil liberties groups have called CISPA a "privacy killer," and "dangerously vague," and warned that it may be in breach of the Fourth Amendment.

After CISPA passed the House the first time last year, the Senate shelved the bill in favor its own cybersecurity legislation. Following today's statements, the Senate is edging closer to repeating its actions for a second time.

Correction, 4:44 p.m. PT: An earlier version of this story misidentified the state Sen. Jay Rockefeller represents. He represents West Virginia.