The House of Representatives passed cybersecurity legislation Thursday aimed at protecting American companies from hackers who steal intellectual property.
The bill passed 248 to 168, largely along party lines, despite the Obama administration's threats to veto the bill and its claims that the bill falls short in protecting civil liberties
The Cyber Intelligence Sharing and Protection Act, or CISPA, sponsored by Reps. Mike Rogers (R-Mich.) and Dutch Ruppersberger (D-Md.), would give businesses and the federal government legal protection to share information about cyber-threats with each other. The government does not currently share that data because the information is classified and companies fear violating anti-trust law. The bill would remove legal barriers so they can do so.
On the House floor before the vote, Rogers said the bill was about preventing other nations from stealing intellectual property from U.S. companies.
“You know, without our ideas, without our innovation that countries like China are stealing every single day, we will cease to be a great nation," Rogers said. "They are slowly and silently and quickly stealing the value and prosperity of America."
The bill's passage was largely expected. It had more than 100 co-sponsors, and support from the U.S. Chamber of Commerce and several major technology companies.
But the legislation has been criticized by privacy and civil liberties groups who said its definition of the consumer data that can be shared with the government is overly broad. The bill's authors added several amendments to appease concerns, such as limiting the federal government's use of private information and restricting which cyber-threat data can be shared.
After the vote, however, privacy groups said they still were disappointed.
The Center for Democracy and Technology, which opposed the bill because of privacy concerns, said House leadership chose to block amendments aimed at limiting the flow of citizens' information to the National Security Agency and curbing the use of that data for national security purposes unrelated to cybersecurity.
"CDT is disappointed that CISPA passed the House in such flawed form and under such a flawed process," the group said in a statement.
The House bill will need to be reconciled with cybersecurity legislation in the Senate, where two competing bills differ over whether to regulate critical infrastructure such as power plants.
In February, Sens. Joe Lieberman (I-Conn.), Susan Collins (R-Maine), John D. Rockefeller IV, (D-W.Va.), and Dianne Feinstein (D-Calif.) introduced a measure that gives Department of Homeland Security new powers to require companies that operate critical infrastructure to meet baseline security standards.
That bill has the support of the White House, which proposed its own cyber legislation in May.
But many Republicans and business lobbyists, including the chamber of commerce, oppose legislation that imposes regulations, claiming they would harm companies, which own and operate 85 percent of critical infrastructure.
In response, Sen. John McCain (R-Ariz.) introduced a bill that contrasts with legislation introduced by Lieberman, a longtime friend. McCain's bill, backed by several Republican senators, does not focus on regulation, but instead on increased information-sharing between the government and private sector.