White House backs controversial cyber bill
The White House late Thursday officially endorsed a major cybersecurity bill set for a final vote on Tuesday.
The Obama administration has been informally on board with the Cybersecurity Information Sharing Act (CISA) — which would shield companies from legal liability when sharing cyber threat data with the government — since August, when White House spokesman Eric Schultz called on the upper chamber to swiftly move the bill.
{mosads}But Thursday’s statement cemented White House support for the measure that has received opposition both from President Obama’s own party and civil liberties-minded Republicans.
“An important building block for improving the nation’s cybersecurity is ensuring that private entities can collaborate to share timely cyber threat information with each other and the federal government,” said a White House memo.
Many industry groups and a large bipartisan coalition of lawmakers side with the White House, arguing CISA is a necessary first step to better understanding and repelling hackers.
But digital rights groups, a growing number of tech companies and privacy-minded senators in both parties are concerned the bill would allow companies to hand over troves of customers’ personal data to government intelligence agencies.
The White House has previously expressed similar privacy concerns about CISA. But in its statement Thursday, the administration commended CISA’s sponsors, Sens. Richard Burr (R-N.C.) and Dianne Feinstein (D-Calif.), for their edits to the bill, both in committee and in a manager’s amendment that is expected to pass next week.
Those alterations have helped the White House come around on the bill.
“This work has strengthened the legislation and incorporated important modifications to better protect privacy,” the White House said.
For months, a major sticking point for the Obama administration was how companies would share their data on hackers with the government.
The White House wants all private sector data funneled through the Department of Homeland Security (DHS), which is seen as the agency best suited to scrub personal data. After some tweaks and expected clarifications, the administration seems satisfied CISA will largely achieve this goal.
“Focusing real-time sharing through one center at DHS enhances situational awareness, facilitates robust privacy controls, and helps to ensure oversight of such sharing,” the statement said. “In addition, centralizing this sharing mechanism through DHS will facilitate more effective real-time sharing with other agencies in the most efficient manner.”
But the White House did take issue with provisions that allow for some limited situations in which companies can bypass the DHS and go straight to other federal agencies.
“This remains a significant concern, and the administration is eager to work with the Congress to seek a workable solution,” it said.
The White House also warned lawmakers not to authorize more exceptions to the DHS “portal,” which could happen if the Senate approves an amendment from Sen. Tom Cotton (R-Ark.).
The Senate will vote next Tuesday on Cotton’s offering, which would give companies liability protections when sharing data directly with the FBI and Secret Service, a concept that’s anathema to privacy advocates.
“The administration will strongly oppose any amendments that would provide additional liability-protected sharing channels, including expanding any exceptions to the DHS portal,” the White House cautioned.
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.