Two men share securities regulation news

Breaking news and expert analysis on legal and compliance issues

[Back To Home][Back To Archives]

From Securities Regulation Daily, October 27, 2015

Senate passes CISA, conference with House looms

By Mark S. Nelson, J.D.

Cybersecurity legislation that has been years in the making and spanned several Congresses finally got a full Senate vote after months of bickering by senators over whether to let members offer amendments to the Cybersecurity Information Sharing Act of 2015. The measure, as amended, passed by a vote of 74-21.

Senate Majority Leader Mitch McConnell (R-Ky) told members that cybersecurity is a “complicated issue” while thanking the bill’s sponsors, Senate Intelligence Committee Chairman Richard Burr (R-NC), and committee Vice Chairman Sen. Dianne Feinstein (D-Cal), for their efforts at reaching a bipartisan deal. Chairman Burr said “now the work begins as we go to conference.” Senator Feinstein acknowledged the role of Sen. Thomas R. Carper (D-Del) in brokering a compromise on the Department of Homeland Security portal, while noting the bill was backed by the Obama Administration.

Last week, Chairman Burr and Sen. Feinstein advanced a managers’ package they said dealt with members’ worries. Still, the chamber was set to vote on at least seven amendments before voting on passage which, now that it has happened, will lead to a conference with the House over its similar bills.

Sunset and privacy. A revision advocated by Sen. Jeff Flake (R-Ariz) originally called for adding a six-year sunset provision. But Chairman Burr’s early remarks today indicated that senators had reached agreement on a longer period. When his time arrived, Sen. Flake offered a new amendment that would impose a 10-year sunset, a time frame that he said would allow for a periodic look-back at the law, as is required for some other national security-themed laws. The Flake amendment was adopted on a voice vote.

Yet the day began with Sen. Ron Wyden (D-Or) again pushing for his amendment that would require tougher privacy standards that he said were backed by groups across the political spectrum, including FreedomWorks, whose statement he asked to become part of the Senate’s record. Chairman Burr told members the bill already had enjoyed a “wholesome” debate, while Sen. Feinstein objected that Sen. Wyden’s change would deprive businesses of needed clarity. The Wyden amendment fell by a recorded vote of 41-55, as did a “middle ground” amendment offered by Sen. Dean Heller (R-Nev), albeit by a closer 47-49 vote.

The Freedom of Information Act exemption amendment put forward by Patrick J. Leahy (D-Vt) would have lessened the preemptive impact on state and local laws posed by the existing terms of the cybersecurity bill. Sen. Feinstein had the unenviable task of opposing the amendment after colleagues lauded Sen. Leahy for having just cast his 15,000th vote. Sen. Feinstein said the alteration would lessen information sharing and that the managers’ amendment had already tweaked the bill for the better. The amendment fell by a vote of 37-59.

Senator Al Franken (D-Minn) said the bill must clarify the meaning of “cybersecurity threat” and “cyber threat indicator.” The senator argued that his amendment to do this would fix two problems: improve the privacy balance contained in the bill and avoid a situation where agencies get too much data to review. But Chairman Burr reiterated that amendments like Sen. Franken’s would upset the “delicate balance” achieved by the managers’ package. The amendment lost by a vote of 35-60.

Portals and scrubs. An afternoon session to work through more amendments focused on the single portal established by the managers’ package. Sen. Tom Cotton (R-Ark) offered an amendment that would allow sharing of threat information with the Federal Bureau of Investigation or the Secret Service. The senator said this was especially important for businesses that do not have federal regulators. Sen. Cotton showed a graphic during his floor remarks that he said depicted a White House tweet that backed his view, yet the Administration has indicated its reluctance to embrace new or expanded liability protections for information sharing channels.

Earlier, Sen. Carper urged members to vote down the Cotton amendment so the chamber can vote on the bill and move to a conference with the House. According to the senator, Sen. Cotton was pushing a “dangerous amendment” that would presage a return to the “stovepipe” mentality that characterized U.S. intelligence agencies’ inability to share information before past attacks.

Chairman Burr spelled out how he wanted the Senate to proceed to a final vote on the bill, but not before urging members to vote against the Cotton amendment. He called Sen. Cotton’s bid to create a new portal for retailers to share information a “deal killer” because it would undermine the compromise struck by the bill’s managers to set up a single portal. The amendment failed on a recorded vote of 22-73.

Another late day amendment by Sen. Christopher A. Coons (D-Del) would require DHS to scrub personal data unnecessary to identify or describe a cybersecurity threat prior to sharing data with other agencies. But Senator Feinstein warned that it creates too many layers of review that could slow information sharing. She urged a “No” vote because the issue was fixed when the managers’ package added a provision advocated by Sen. Carper. The Coons amendment failed by a vote of 41-54.

MainStory: TopStory CorporateGovernance FinancialIntermediaries RiskManagement

Back to Top

Securities Regulation Daily

Introducing Wolters Kluwer Securities Regulation Daily — a daily reporting service created by attorneys, for attorneys — providing same-day coverage of breaking news, court decisions, legislation, and regulatory activity.

A complete daily report of the news that affects your world

  • View full summaries of federal and state court decisions.
  • Access full text of legislative and regulatory developments.
  • Customize your daily email by topic and/or jurisdiction.
  • Search archives for stories of interest.

Not just news — the right news

  • Get expert analysis written by subject matter specialists—created by attorneys for attorneys.
  • Track law firms and organizations in the headlines with our new “Who’s in the News” feature.
  • Promote your firm with our new reprint policy.

24/7 access for a 24/7 world

  • Forward information with special copyright permissions, encouraging collaboration between counsel and colleagues.
  • Save time with mobile apps for your BlackBerry, iPhone, iPad, Android, or Kindle.
  • Access all links from any mobile device without being prompted for user name and password.