Like Countable?

Install the App
TRY NOW

senate Bill S. 754

Creating a Voluntary Data Sharing Program Between The Government and the Private Sector

Argument in favor

The federal government needs to be as agile as possible in responding to cyber threats, and this bill strikes an effective balance in protecting individual’s privacy and allowing information to flow to intelligence agencies.

Cary's Opinion
···
04/07/2015
Voluntary cooperation to protect ourselves is much more palatable than forced invasion of privacy to ensure safety.
Like (20)
Follow
Share
Tomblue01's Opinion
···
04/11/2015
We are getting our ass kicked in all things cyber. Countries like China due to their central government authority have full access to all Internet traffic, cyber attack data, etc and have the ability to centrally control and defend their networks. This gives them overwhelming strategic advantage, and they attack us constantly with impunity. For us to stand a chance at defending ourselves, we either need to amend the Constitution and grant our military authority over private infrastructure (not gonna happen) or ensure private and public sectors are working together in hopes of erecting at least a moderate defense capability. As for lack of privacy, we don't have time to work out the details to make everyone happy. We are loosing right NOW and we are loosing big time. And who would we rather have control of our private data? The U.S. or China (by way of theft)... I know where my vote is...
Like (5)
Follow
Share
Alex's Opinion
···
01/14/2017
The only way we can seriously increase security as a whole is to share data on threat actors and vectors. By not doing so we only isolate each organization and make them significantly more vulnerable.
Like (2)
Follow
Share

Argument opposed

The privacy protections in this bill are severely lacking. Requiring reports about privacy breaches every two years doesn’t convey a sense of urgency about protecting civil liberties.

Brent catdaddy's Opinion
···
04/07/2015
If they repealed the PATRIOT Act this shit wouldn't be necessary!!!!!!!!!!!!!!
Like (43)
Follow
Share
Jonathan's Opinion
···
04/07/2015
National Security is important, however a citizen's privacy rights must be protected and not impeded.
Like (33)
Follow
Share
Bthompson3's Opinion
···
04/07/2015
I want less government involved in my information. They are already violating basic privacy principles with laws and acts such as The Patriot Act
Like (24)
Follow
Share

bill Progress


  • Not enacted
    The President has not signed this bill
  • The house has not voted
  • The senate Passed October 27th, 2015
    Roll Call Vote 74 Yea / 21 Nay
      senate Committees
      Select Committee on Intelligence
    IntroducedMarch 17th, 2015

Log in or create an account to see how your Reps voted!

What is Senate Bill S. 754?

In hopes of bolstering the nation's cyber security, this bill attempts to woo private sector companies into sharing computer data with the federal government by offering those companies expanded liability protections when they give up data.

The participation of private entities — typically businesses — would be completely voluntary, and they would face no liability for non-participation. Private entities also would have limited liability for monitoring their consenting consumers networks — and they could share cyber threat information that has personal consumer information removed first. 

All monitoring of a private entity’s network and cyber threats against that network must be done with the user’s consent.

On the federal government's end, this bill would require the Director of National Intelligence (DNI), the Secretary of Homeland Security (DHS), the Secretary of Defense (DOD), and the Attorney General (DOJ) to work together to develop new cybersecurity procedures.

Information about threats would be sent to the Department of Homeland Security (DHS), which could then be shared in real-time with other federal agencies as needed. These procedures would promote more seamless sharing of classified and unclassified cyber threat indicators across federal agencies. For those of you who don't know, Cyber threat indicators are the measures that help spot the malicious gathering (active or passive) of data, security vulnerabilities that exist or are being exploited and defeated, and the exfiltration of information.

Interim policies and procedures must be created within 60 days of this bill’s enactment, and final policies and procedures need to be established within 180 days. Once both the interim and final policies are developed, they would be submitted to Congress for review and made public.

The final guidelines would have to limit the impact on privacy and civil liberties for activities conducted by the federal government. In addition to preventing the inclusion of personal information when cyber threat indicators are shared, the final guidelines must create a process for destroying such information that is inadvertently shared. Limitations on how long cyber threat indicators may be kept would also be included.

Impact

Private sector entities, state and local agencies, federal agencies that manage cyber security threats, U.S. cyber security, the Director of National Intelligence (DNI), the Secretary of Homeland Security (DHS), the Secretary of Defense (DOD), and the Attorney General (DOJ).

Cost of Senate Bill S. 754

$20.00 Million
The CBO estimates that this bill would cost about $20 million over the 2016-2020 period, or about $4 million annually.

More Information

Of Note: Voluntary information sharing between private companies and federal agencies is already taking place through a program designed to help defense contractors protect themselves from cyber threats. This is done through the identification of cyber attack signatures, which can be logged and then used to guard against future attacks.

There has been substantial outcry against this legislation because of a perceived lack of privacy protections. When this legislation was passed through a 14-1 vote of the Senate’s Senate Intelligence Committee, Senator Ron Wyden (D-OR) remarked that “if information-sharing legislation does not include adequate privacy protections then that’s not a cybersecurity bill — it’s a surveillance bill by another name.”

For their part, the bill’s proponents believe the adequate safeguards for personal information are included in this version of the bill. Senator Dianne Feinstein (D-CA) has said that the “privacy provisions are substantial,” and that the amendments found in this version are an improvement on previous drafts of the bill. Those amendments have helped galvanize support for this legislation in the Senate, as it failed to receive a vote after its introduction in 2014.


In-Depth: Private entities would be authorized to have defensive measures for their own networks, and could share information with the federal government in addition to any cyber threat information. There would be no authorization for offensive or destructive activities undertaken on a private entities network.

This bill would require federal agencies to submit an implementation report to the Inspector Generals of relevant federal agencies and to Congress within one year of this legislation’s enactment. Ongoing reports would be required thereafter at least once every two years.


Media:

Summary by Eric Revell

(Photo Credit: Flickr user x-ray delta one

AKA

Cybersecurity Information Sharing Act of 2015

Official Title

To improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes.

    Voluntary cooperation to protect ourselves is much more palatable than forced invasion of privacy to ensure safety.
    Like (20)
    Follow
    Share
    If they repealed the PATRIOT Act this shit wouldn't be necessary!!!!!!!!!!!!!!
    Like (43)
    Follow
    Share
    National Security is important, however a citizen's privacy rights must be protected and not impeded.
    Like (33)
    Follow
    Share
    I want less government involved in my information. They are already violating basic privacy principles with laws and acts such as The Patriot Act
    Like (24)
    Follow
    Share
    Oftentimes, "voluntary" government programs become mandatory through coercive incentives and harsh regulatory add-ons.
    Like (21)
    Follow
    Share
    They work for us. They should share their information with us.
    Like (9)
    Follow
    Share
    This is just the government's way of funneling more of our tax dollars into information surveillance. No thank you!
    Like (9)
    Follow
    Share
    The government has infringed enough on our privacy.
    Like (6)
    Follow
    Share
    Increasingly, I am horrified at the growing frequency of data breaches into businesses & American's private data, intrusions into the hallowed halls of our government & taken aback by the fact that protections, encryption & other good computing practices haven't already been implemented. Yes, this is a complicated issue & there are some good ideas in this legislation but it doesn't go far enough to (1) protect Americans' private data & (2) coordinating all of the different entities who actively engage in cyber security. We need an "all guns face out," cyber security bill that rewards private entities, builds cooperation & pro-actively responds to real-time, cyber threats both foreign & domestic.
    Like (6)
    Follow
    Share
    It's too difficult to set up boundaries and enforce this because data sharing can be easily changed and manipulated.
    Like (6)
    Follow
    Share
    Threats and risks of leaked data and hackers give importance to the topic of cybersecurity. In a blog post, we mentioned that, "We need the public to care and to be informed but we also need to be sure that in publicizing these risks, we’re not opening the door for hackers to take advantage of them". http://ow.ly/PiDXQ
    Like (6)
    Follow
    Share
    Big brother is not what we need from our government.
    Like (6)
    Follow
    Share
    We are getting our ass kicked in all things cyber. Countries like China due to their central government authority have full access to all Internet traffic, cyber attack data, etc and have the ability to centrally control and defend their networks. This gives them overwhelming strategic advantage, and they attack us constantly with impunity. For us to stand a chance at defending ourselves, we either need to amend the Constitution and grant our military authority over private infrastructure (not gonna happen) or ensure private and public sectors are working together in hopes of erecting at least a moderate defense capability. As for lack of privacy, we don't have time to work out the details to make everyone happy. We are loosing right NOW and we are loosing big time. And who would we rather have control of our private data? The U.S. or China (by way of theft)... I know where my vote is...
    Like (5)
    Follow
    Share
    Lol, no. I mean they probably already know enough about me anyway from all the secret stuff the NSA does with the back doors from several tech companies. Repeal the Patriot Act then maybe. Just maybe.
    Like (5)
    Follow
    Share
    Fourth amendment should protect individuals from government. This gives data collectors ie stalkers ie corporate capitalists ability to capitalize on private information for their and government benefit but not the benefit of individual or privacy rights
    Like (3)
    Follow
    Share
    The government is too involved with business and our personal lives already
    Like (2)
    Follow
    Share
    TOO MUCH GOVERNMENT INTERFERENCE ALREADY . Our constitution was written for the people not the government.
    Like (2)
    Follow
    Share
    Big Brother is watching.
    Like (2)
    Follow
    Share
    Voluntary sharing can easily become coercive "voluntary" sharing. There isn't anything that prohibits sending cyberterrorism warnings from businesses to government. Businesses need to be careful, and so does our government, to not give unauthorized access without compelling reasons to do so. If information is shared, then a reasonable person would see the necessity of it.
    Like (2)
    Follow
    Share
    The government and private business are already FAR too intrusive in our private lives.
    Like (2)
    Follow
    Share
    MORE