The House Intelligence Committee passed a cybersecurity bill on Thursday with a few amendments. The bill aims to increase sharing of cybersecurity intelligence between agencies and private companies.
Through the amended bill, private companies are able to voluntarily share information about electronic threats with the government and in return, would receive liability protections, according to the Politico report.
While there was some worry that the bill would lead to invasions of privacy, the bill now includes specifications that give a better picture of agencies only accessing information when it is actually necessary.
The bill says that the Director of National Intelligence will issue guidelines for granting security clearances and expedite those clearances if necessary. A list of companies are also eligible to access classified information from agencies, such as the National Security Agency.
The bill says that cybersecurity providers will be allowed to use cybersecurity systems to identify threats and “share such cyber threat information with any other entity designated by such protected entity, including, if specifically designated, the federal government.”
Expanded privacy protections on company data given to the government is included in the bill as well. Customer data for example could and should be used for national security.
With the new measures of sharing comes specific regulations, including the barring the government from searching collected data unless it is needed to secure networks vulnerable to attacks.
While the House panel has approved the bill, it still has to face the entire House and Senate for full approval.
Previous cyber sharing coverage:
- House Panel Intros Bill Allowing Govt., Private Sector to Share Cyber Info
- Rep. James Langevin: Public-Private Partnership Needed on Cybersecurity
- Pentagon, DHS Probe Expanding Sharing of Cyber Threat Intel with Contractors