After gaining approval by the U.S. House of Representatives earlier this month, the controversial Cyber Intelligence Sharing and Protection Act, or CISPA, won't even be considered by the the U.S. Senate Committee on Commerce, Science and Transportation, according to a committee staffer who requested anonymity.
"We're not taking [CISPA] up," the Senate aide said. "Staff and senators are divvying up the issues and the key provisions everyone agrees would need to be handled if we're going to strengthen cybersecurity. They'll be drafting separate bills."
President Barack Obama had already threatened to veto CISPA earlier this month.
Originally introduced in November 2011, CISPA was designed to allow sharing of Internet traffic data between companies and the government to better detect and protect critical infrastructure against cyberthreats and cyberattacks. Dozens of prominent technology companies, including Apple, Google and IBM, initially supported the bill’s passage to “address issues such as strengthening privacy protections.”
Yet it was the issue of privacy that had key opponents like the ACLU and Electronic Frontier Foundation worried about CISPA 2013, including its dangerously broad language and lack of limits on how and when the government can monitor Internet browsing information.
"I think it's dead for now," Michelle Richardson, legislative council with the ACLU, said. "CISPA is too controversial, it's too expansive, it's just not the same sort of program contemplated by the Senate last year. We're pleased to hear the Senate will probably pick up where it left off last year."
CISPA will likely need some heavy reworking if it hopes to get passed into law; Obama has been steadfast in his position on CISPA, saying he will veto any bill that doesn’t include more privacy protections for citizens.
“The administration seeks to build upon the continuing dialogue with the [House Intelligence Committee] and stands ready to work with members of Congress to incorporate our core priorities to produce cybersecurity information, sharing legislation that addresses these critical issues,” the White House said in its statement originally threatening to veto CISPA.
"We need to be vigilant as the year moves on to make sure that whatever the next product is it's not CISPA-lite," Richardson said. "I think this is probably going to take the rest of the year."
Even though CISPA may not be passed in 2013, the Senate will debate other pieces of cybersecurity legislation in 2013, including the Cybersecurity and American Cyber Competitiveness Act of 2013, which, according to Richardson, clarifies that companies would have to “pull out sensitive data [about citizens]” before companies could send data to the government.
“The American people expect their government to enhance security without undermining their privacy and civil liberties,” the Obama administration said in its veto threat of CISPA in 2012. “Without clear legal protections and independent oversight, information-sharing legislation will undermine the public's trust in the government as well as in the Internet by undermining fundamental privacy, confidentiality, civil liberties and consumer protections.”