A long-delayed bill that would make it easier for corporations to share information about cyber-attacks with each other or the government without fear of lawsuits advanced in the US Senate on Thursday with support from members of both parties and the White House.
Dozens of industry and business groups, including the US Chamber of Commerce, back the Cybersecurity Information Sharing Act (CISA), saying it would help encourage companies and the government to share information that might help thwart high-profile cyber-attacks.
But many privacy activists and a few lawmakers, including Republican Senator Rand Paul and Democratic Senator Ron Wyden, vehemently oppose it. Several big tech companies also have come out against the measure, arguing that it fails to protect user privacy and does too little to prevent cyber-attacks.
“The bill would grant legal immunity to companies who in sharing information actually violate your privacy,” Paul said in the Senate shortly after a procedural vote of 83 to 14, well above the 60 “yes” votes needed to move ahead.
The Senate began debating amendments to the measure, which is on track to pass next week.
The House of Representatives passed its version of CISA in April with strong support from Republicans and Democrats.
Any version of CISA passed by the Senate would have to be reconciled with the House bill before it could be sent to the White House for President Barack Obama to sign into law.
The White House said in a statement that it supports the bill but wants the Department of Homeland Security to be charged with running the information-sharing system, and would “strongly oppose” any amendments to the bill to expand exceptions.
The White House also said it is concerned about provisions that would authorise “certain potentially disruptive defensive measures” to hacking attacks, measures that could hurt foreign policy and raise legal issues.
“The administration is committed to continue working with stakeholders to address remaining concerns,” the White House said.