Despite outcry from advocates for privacy who say the bill endorses extensive surveillance rather than security, the Cybersecurity Information Sharing Act passed in the Senate in October. Now, a version of CISA has been tucked into a 2,000-plus page spending package, which was unveiled in a late House session Tuesday night. The updated CISA bill includes provisions that encourage companies to share cyber threats with the federal governments without being liable for not acting to prevent the threats, according to Wired.
The bill asks organizations sharing threat information with the government remove any identifying data, although critics of the bill maintain the newest version does not contain adequate privacy measures to ensure that identifying information isn't passed on. Additionally, critics say the bill does little to prevent major cyberattacks from taking place.
"[M]ost cybersecurity experts agree that this bill will do little, if anything, to protect American against sophisticated hacks," reads Sen. Ron Wyden's (D-Ore.) website. Sen. Wyden, along with groups such as the Open Technology Institute, the Center for Democracy and Technology, Access and EFF, has opposed the bill since its initial iteration.
The House will vote on the omnibus bill, and the latest version of CISA contained within, in a Friday session.