Burr stumps for cyber bill
The North Carolina senator made CISA the focus of the Republican Party's weekly radio address.
Sen. Richard Burr promoted his cybersecurity legislation in the Republicans' weekly address.
Sen. Richard Burr (R-N.C.) is trying to drum up public support for his cybersecurity legislation, the Cybersecurity Information Sharing Act of 2015. He used the Republicans' weekly speech on April 4, in the midst of a two-week break in the congressional session, to pitch his bill as a solution to the ongoing plague of large-scale cyberattacks that is compromising the personally identifiable information of millions of Americans.
"Cyberattackers...are cracking into the vaults of our companies and our government," Burr said in his speech. "They're stealing your personal information as well as the intellectual property that makes our economy the most creative and vibrant in the world."
CISA passed out of the Senate Select Committee on Intelligence, which Burr chairs, by a vote of 14-1 in March. Now the bill goes to the full Senate, where it is expected to enjoy wide support. It offers private companies that voluntarily share cyberthreat information with the government some protection against antitrust rules and being sued by their customers for the disclosures. Under the legislation, the Department of Homeland Security would set up a portal by which companies could transmit threat indicators to government in real time.
Critics -- including the intelligence committee's lone dissenter, Sen. Ron Wyden (D-Ore.) -- say the bill's privacy protections are weak and will enable the sharing of too much personally identifiable information. They are also concerned that the bill grants too much authority to the government to use information collected for the purposes of network defense to prosecute unrelated criminal offenses.
"This excessively broad collection may not be the intent of this bill, but the language is clearly drafted broadly enough to permit it," Wyden said in a statement. He wants the legislation adjusted to narrow the definition of a cybersecurity threat.
There appears to be a bipartisan path for a cybersecurity bill to get through Congress this year. Two bills are moving through the House that provide liability protections for companies that share information with government: one from the Permanent Select Committee on Intelligence that tracks closely with the Senate bill and a second in the Homeland Security Committee that is still in draft form.