The Senate Intelligence Committee is expected to introduce legislation next week that would help the public and private sectors share information about cyber threats, sources tell The Hill.
A draft of the bill is now being circulated, according to multiple people, in anticipation of a markup being held in the coming weeks.
Sens. Richard BurrRichard BurrFive questions for the House's new Russia investigator Why an independent counsel is necessary in an election probe Senators aim to extend federal conservation fund MORE (R-N.C.) and Dianne FeinsteinDianne FeinsteinHotel industry details plans to fight Airbnb Congress needs a do-over on fraud-laden 'Immigrant Investor' program Ginsburg appears to refer to Graham as one of 'the women of the Senate' MORE (D-Calif.) — the Intelligence Committee’s top two members — are likely behind the new bill, sources say.
CISA was intended to facilitate a cyber threat data exchange between private companies and intelligence agencies by giving legal liability protections to the companies that share information.
Both industry groups and government officials argue such an exchange is necessary to prop up the country's faltering cyber defenses.
"There’s only one way to defend America from these cyber threats, and that is through government and industry working together, sharing appropriate information as true partners," President Obama said at a White House cybersecurity summit last Friday.
A rash of high-profile breaches across the public and private sectors have raised pressure on lawmakers to pass legislation enabling data sharing.
But privacy advocates worry the National Security Agency (NSA) might abuse sensitive data obtained under such an arrangement. They have insisted on reining in NSA authority before moving on a CISA-type bill.
When the Senate was unable to move forward with an NSA reform bill in November, CISA was largely considered dead.
The cyber bill’s 2015 iteration is sure to generate a new round of controversy, despite its enhanced privacy provisions.
Lawmakers face a looming June 1 deadline to reauthorize sections of the Patriot Act that authorize the NSA’s most controversial surveillance programs. Several senators are expected to use the deadline as leverage to try and curb the NSA's authority.
The outcome of that debate could make or break the Intelligence committee's cyber bill.
The measure will face other hurdles as well.
The White House has been making a big push to put the Department of Homeland Security (DHS), not the intelligence community, at the center of the public-privacy cyber data exchange program. The move is a nod to privacy advocates, who would prefer a civilian agency like the DHS at the head of the government's information-sharing efforts.
The administration released its own legislative proposal in January, and Obama last week signed an executive order to make the offering more attractive to lawmakers.
Sen. Tom CarperTom CarperDems probe claims of religious bias in DHS 'trusted traveler' program Senate Dems want Trump to release ethics waivers, visitor logs Medicare’s coverage decisions need more input from physicians MORE (D-Del.), ranking member on the Senate Homeland Security and Governmental Affairs Committee, has already introduced a bill that closely mirrors the White House proposal.
The committee’s chairman, Sen. Ron JohnsonRon JohnsonTrump should work with Congress to block regulations on prepaid cards Five reasons to worry about the ShadowBrokers hack Border Patrol could drop polygraph requirement for new agents: report MORE (R-Wis.), has said he wants to wait and see the Intelligence committee’s bill before moving forward with anything in his committee.
The dual path approach has left many wondering whether a final info-sharing bill will be some combination of the two measures or if one will win out over the other.
The Intelligence Committee bill and markup could help provide some answers.