There were a number of different amendments
put forth for CISPA today -- including many that sought to protect people's privacy and to make sure that the NSA didn't get first dibs on any information. The House Rules Committee met for about three hours today to hear about the various amendments and then basically rejected all of the privacy amendments. Rep. Justin Amash seemed reasonably confused as to why the Rules Committee would reject
his amendment, which (as summarized) would "permit an entity to provide through enforceable contract that it will not share personally identifiable information with the federal government." Other rejected amendments included the amendment from Rep. Schiff that would require companies sharing data with the government under CISPA to make "reasonable efforts" to remove personally identifiable info of people who were unrelated to the "cyberthreat" in question. Another rejected amendment, put forth by Rep. Schakowsky would have required that the first point of info sharing be a civilian agency (DHS) instead of military (NSA/DOD).
All of these seemed like reasonable responses to the privacy concerns raised by the White House and others. And they were all rejected before they even got to the floor
. Yes, this wasn't about them being voted down by the whole House. Rather, the Rules Committee voted not to even let them be voted on by the House. Why? As far as I could tell from the hearing, the answer was "because [reasons]." Also some garbage about how no one intended the law to be misused. Um. If that's the case, why not put it in the law
to block it from being abused?
There is one amendment, from Rep. Jackson Lee, contains a few nods towards privacy, and does make clear that service providers are not required to provide info. It would also seek to protect a very specific class of private data (that stored by a company that also provides info services to the government), but that's got little to do with the key privacy protections proposed elsewhere. There is also an amendment from Rep. Barton that stops companies from using any info they get from each other
for marketing purposes, but that's really not a huge issue with the CISPA related data. Neither of these are serious privacy protections, and neither are definitely going to get adopted either.
So, now the CISPA fight will go to the floor of the House without any serious meaningful amendments concerning privacy, and (as is typical) the House is likely to pass it. The next fight will be in the Senate to see what sort of awful proposal comes out of there as well, and whether or not it matches up with CISPA.