Summary of Amendments Submitted to the Rules Committee for H.R. 624 - Cyber Intelligence Sharing and Protection Act

Summaries Derived from Information Provided by Sponsors

Apr 16, 2013 3:13PM

Click on sponsor for amendment text.

Amash (MI), Massie (KY), Polis (CO), Radel, Trey (FL), Broun (GA), DeSantis, Ron (FL)

#31

Permits an entity to provide through enforceable contract that it will not share personally identifiable information with the federal government.

Amash (MI), Massie (KY), Polis (CO), Broun (GA)

#32

Prohibits the federal government from using, inter alia, library records, firearms sales records, and tax returns that it receives from private entities under CISPA.

Barton (TX)

#8

Clarifies that companies sharing cyber threat information with other companies cannot treat this sharing relationship as a loophole to sell a consumer's personal information for a marketing purpose.

Bustos, Cheri (IL)

#24

Requires an annual report to Congress with recommendations on workforce needs and related education and training needs to meet future cybersecurity threats, as well as an annual report on recommendations for retraining Veterans and members of the Armed Forces into roles combating cyber threats.

Cárdenas, Tony (CA)

#26

Requires the Director of National Intelligence to establish an outreach program to assist small businesses in cyber threat education.

Connolly (VA)

#33

Further defines how classified cyber threat intelligence may be shared and used. Adds an additional provision stipulating that classified threat intelligence may only be used, retained, or further disclosed by a certified entity only for cybersecurity purposes.

Connolly (VA)

#39

LATE Strengthens the policies and procedures governing the receipt, retention, use, and disclosure of non-publicly available cyber threat information shared with the Federal Government.

Connolly (VA)

#40

LATE Stipulates that the liability provisions for private sector entities are contingent upon the Privacy and Civil Liberties Oversight Board being operational.

Connolly (VA)

#41

LATE Prohibits an internet service provider from being granted immunity if acting as an agent of the Federal government.

Conyers (MI), Schakowsky (IL), Jackson Lee (TX), Johnson, Hank (GA), Holt (NJ)

#7

Amends liabilty exemption to exclude "decisions made" from coverage.

Enyart, William (IL)

#30

Requires the Inspector General (IG) of the Intelligence Community, in consultation with each IG of each federal government department or agency to submit to Congress a report reviewing cyber threats to manufacturing and agricultural production in the U.S. The report is due within 180 days of CISPA’s enactment, and then semiannually thereafter.

Franks (AZ)

#1

WITHDRAWN Broadens the definitions of Cyber Threat Information, Cyber Threat Intelligence, Cybersecurity Purpose, and Cybersecurity System within CISPA to ensure these terms include vulnerabilities to natural and manmade electromagnetic pulse.

Grayson (FL)

#10

Requires the federal government to obtain a warrant before it conducts an affirmative search on information shared with it under the authority of this bill. Specifically, strikes “for a purpose other than a purpose referred to in paragraph (1)” on p. 11, beginning on line 23, and inserts “without a warrant obtained in accordance with the fourth amendment to the Constitution of the United States”.

Jackson Lee (TX)

#13

Protects Internet users by promoting responsible actions by private entities and individuals seeking to address cyber security threats. The amendment limits liability protection to steps taken to secure an entity's network while under cyber attack, but would not extend protection to offensive actions taken against external networks or perceived threats.

Jackson Lee (TX)

#14

Expresses the Sense of the Congress that the United States should work for international cooperative agreements to protect critical infrastructure and institutions from cyber threats. Electric Utility grids, refineries, oil and gas extraction systems, pipelines, water treatment systems, sewage systems, medical devices and hospitals should be among the systems that are protected.

Jackson Lee (TX)

#15

Enhances privacy protection by preventing unnecessary disclosures of personal information by limiting reporting in cases involving an imminent threat of harm or death. Assists agencies in focusing resources on matters of greatest threat to national cyber security.

Jackson Lee (TX)

#16

Expresses the Sense of the Congress that all Federal Government computing devices should be protected by strong encryption to secure information while at rest and in transit and digital information stored on computers and on network, and information sent over the Internet should be secured against abuse or misuse.

Jackson Lee (TX)

#17

Clarifies that cyber security service providers need only provide information about cyber security incidents if they pose a threat to the government’s information and protects individuals’ private data from being accessed by the government solely because it is stored by a company that provides information services to a government agency

Jackson Lee (TX)

#18

Expresses the Sense of the Congress that the United States should work for international cooperative agreements to protect critical infrastructure and institutions from cyber threats, and ensure that all Federal Government computing devices use strong encryption to secure government information against abuse or misuse.

Jackson Lee (TX)

#34

REVISED Designates the Department of Homeland Security as the lead agency on cybersecurity.

Johnson, Hank (GA)

#25

Limits information sharing with law enforcement agencies to only include imminent cybersecurity threats. Strikes other forms of information sharing with law enforcement.

Kilmer, Derek (WA)

#27

Establishes a Cybersecurity Technology Commercialization Office.

Langevin (RI)

#35

Replaces the term “local” with “political subdivision”, which allows the inclusion of utility “districts” that would not otherwise be covered but that are intended to be covered in the bill.

McCaul (TX), Rogers, Mike (MI), Ruppersberger (MD), Thompson, Bennie (MS)

#42

LATE Establishs a primary point of receipt in the Federal Government for cyber threat information sharing at the Department of Homeland Security.

McNerney (CA)

#12

Requires the Secretary of Homeland Security, instead of the Director of National Intelligence, to establish and review the policies and procedures governing the receipt, retention, use, and disclosure of non-publicly available cyber threat information shared with the federal government.

Paulsen (MN)

#6

Establishes the sense of congress that international cooperation should be encouraged where possible in regards to cyber security.

Perlmutter (CO), Welch (VT)

#36

WITHDRAWN Prohibits the requirement of access to an employee's personal social media accounts by an employer as a means of obtaining or retaining employment. Exceptions to this access include when classified information, or an employee has explicitly shared private organizational information.

Peters, Scott (CA)

#38

LATE Establishes a National Economic and Critical Industry Intelligence Center. Requires the Director of National Intelligence to establish a National Economic and Critical Industry Intelligence Center that assesses the impact of cyber attacks on industries of national importance and how those attacks threaten national security.

Polis (CO)

#20

REVISED Limits the federal government’s use of data only for cybersecurity purposes pursuant to the title and purpose of the bill. The amendment also narrows the law enforcement exception to only instances of “imminent” danger.

Rogers, Mike (MI)

#28

Corrects reported language concerning a reference in subsection (c)(4) to the procedures created in (c)(7).

Rogers, Mike (MI)

#29

Makes clear that nothing in this bill authorizes the government to target a US person for surveillance.

Ruiz, Raul (CA)

#21

Requires the Director of National Intelligence to establish a small business cyber technology office to assist small business concerns in providing cybersecurity solutions to the Government, with a preference toward Veteran-owned small businesses (51%+ Veteran-owned).

Sanchez, Loretta (CA)

#2

Inserts language that would ensure that privacy and civil liberties groups would be part of the policy and procedures reviews.

Sanchez, Loretta (CA)

#3

Inserts language that would notify the Secretary of Homeland Security if any violations of the policies and procedures occurred.

Sanchez, Loretta (CA)

#4

Inserts language that would include the Inspector General of DHS in reporting the use of information shared by the federal government.

Sanchez, Loretta (CA)

#5

Inserts language that would include the Privacy Officer and the Officer for Civil Rights and Civil Liberties of the Department of Homeland Security in issuing a report on assessing the privacy and civil liberties impact of this bill.

Schakowsky (IL), Schiff (CA), Thompson, Bennie (MS), Jackson Lee (TX), DeGette (CO), Polis (CO)

#23

Requires that the first point of sharing information with the federal government must be with a civilian agency, ensuring that the U.S. military or defense agencies do not directly collect or receive cyber information on American citizens.

Schiff (CA), Schakowsky (IL), Holt (NJ), Eshoo (CA), Thompson, Bennie (MS)

#11

Requires that private entities sharing information with the government or other private entities under the bill make “reasonable efforts” to remove Personally Identifiable Information of persons unrelated to the cyber threat.

Schneider, Bradley (IL)

#9

Clarifies that independent contractors are eligible for security clearances for purposes of employment to handle cyber threat intelligence and cyber threat information.

Sinema, Kyrsten (AZ)

#37

LATE Adds the Inspector General (IG) of DHS to the omnibus IG reporting requirement. Adds the DHS IG to rest of the group responsible for submitting an annual report to Congress. Adds the House Committee on Homeland Security and the Senate Committee on Homeland Security and Governmental Affairs to the recipients of the report.

Thompson, Bennie (MS)

#19

Requires the Director of National Intelligence to consult with “privacy and civil liberties stakeholders” in developing the privacy and civil liberties policies and procedures; (2) extend coverage under these policies and procedures to information used to identify a person or information or communications, records or system traffic; and (3) require annual reporting on implementation to Congress in an unclassified format, to the greatest extent practicable.

Wasserman Schultz (FL), Smith, Lamar (TX)

#22

Inserts the text of H.R. 744, the Stopping Tax Offenders and Prosecuting Identity Theft Act, which brings together several measures to strengthen criminal penalties and increase the prosecution rate of tax return identity thieves.