Conference Cybersecurity Information Sharing Bill Text Likely Going Public Amid Opposition
Final language for a conference cybersecurity information sharing bill is likely to go public as early as Tuesday, industry lobbyists told us. Days ago, language began circulating for a largely rewritten information sharing bill that would swing the center of gravity in an expanded information sharing apparatus away from the Department of Homeland Security and back toward intelligence and law enforcement agencies. House and Senate cybersecurity leaders have been in informal negotiations on a conference information sharing bill since the Senate passed the Cybersecurity Information Sharing Act (S-754) in late October (see 1510280057).
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
Conference negotiations also have needed to factor in two House-passed bills -- the Protecting Cyber Networks Act (HR-1560) and the National Cybersecurity Protection Advancement Act (HR-1731). Language from the pro-DHS HR-1731 was later combined with HR-1560 for submission to the Senate. Perceptions that a final conference bill could shift away from the DHS-centric information sharing apparatus envisioned in final versions of HR-1560 and S-754 have fueled renewed ire from digital rights groups and other privacy advocates.
Senate Intelligence Committee Chairman Richard Burr, R-N.C., reportedly “dropped” his preferred language for a conference information sharing bill, coordinated with the House Intelligence Committee, on House and Senate Homeland Security members this weekend, an industry lobbyist told us. That language favors earlier versions of HR-1560 and S-754. That would result in a conference bill taking a “significant turn” toward an intelligence and law enforcement community-centric information sharing apparatus at the expense of compromise language in final versions of HR-1560 and S-754 that would place the civilian information sharing center of gravity at DHS, the lobbyist said. Burr's office didn't comment.
Negotiations to restore “a little more” of the DHS-centric language to Burr’s draft conference bill were continuing at our deadline but at that point were unsuccessful, stakeholders told us. If the text that emerges Tuesday “still moves away from a DHS-centric view of information sharing, I think that a number of people who wanted a civilian face on this may well be displeased,” an industry lobbyist said. Privacy and civil liberties groups protested against HR-1560 and S-754 for placing too much emphasis on information sharing with intelligence agencies and law enforcement even in later compromise versions. And Burr’s proposed language would “tip the scales” in favor of the intelligence community even more than in earlier versions of S-754, the lobbyist said.
Some congressional leaders are pushing for a quick formal conference process once text for the information sharing bill goes public so the final measure can be lumped into the omnibus budget deal, lobbyists told us. Including information sharing legislation in the omnibus would significantly reduce the likelihood that members of the House and Senate who voted for either HR-1560 or S-754 based on later compromise language would switch sides based on harder-line conference text, a pro-DHS lobbyist said. Pro-intelligence community legislators “have realized they have a little more leverage now based on the Paris and [San Bernardino, California,] terrorist attacks, and have tried to use that to regain some of the advantage they might have lost following earlier compromises,” another industry lobbyist said.
“Substantial differences appear to remain over the role of DHS and how the 'portal' may work,” said Norma Krayem, Holland & Knight senior cybersecurity policy adviser. “It's critical that both the private sector and privacy groups understand how this may work prior to anything going to the floor. It's also critical that these negotiations fit into the larger sphere of global issues including trying to close out safe harbor 2.0.”
Digital rights and privacy groups have renewed appeals to members of Congress to oppose intelligence community-centric information sharing legislation since news of Burr’s draft bill language began circulating. Digital rights group Access referred to the Burr draft as a “Frankenstein bill.” Other advocates are appealing directly to House Speaker Paul Ryan, R-Wis., and House Homeland Security Chairman Michael McCaul, R-Texas, to oppose the Burr draft. McCaul hadn't signed off on the Burr draft at our deadline but was facing pressure to do so, an industry lobbyist said.
“There are members of the Senate and members of the House who are concerned about this bill,” said Neema Singh Guliani, an American Civil Liberties Union legislative counsel who focuses on national security and privacy issues, in an interview. “The real question is whether the concerns of those members is significant enough to at a minimum force a debate on this issue instead of having the bill inserted into the omnibus, which really undermines the ability of members to vote no on that provision. It really puts the members in [between] a rock and a hard place.” It’s unclear the extent to which privacy groups’ appeals are likely to influence the debate at this point, given that they’ve criticized even compromise versions of HR-1560 and S-754, an industry lobbyist said.