Senate Intelligence Leaders Release Cybersecurity Bill After Closed Markup

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Alexei Alexis

March 18 — Leaders of the Senate Intelligence Committee unveiled the text of cybersecurity legislation that was recently approved by the panel behind closed doors.

The measure (S. 754), the Cybersecurity Information Sharing Act of 2015, would establish liability safeguards for companies that voluntarily share cyberthreat information with government or industry partners and authorize private entities to take “defensive measures” to ensure the protection of their computer networks.

“This legislation provides important liability protection for entities that share cyber threat information as provided in the bill,” Senate Intelligence Committee Chairman Richard Burr (R-N.C.) said in a March 18 statement issued jointly with Committee Vice Chairman Dianne Feinstein (D-Calif.). “It further requires that both private and government entities remove personal information prior to sharing.”

Burr and Feinstein collaborated on the proposal, which was approved 14-1 by the committee in a closed markup on March 12.

‘Hacking Back' Barred

An earlier draft would have allowed targets of a cyberattack to take “countermeasures,” but that term was dropped because of concerns that it might open the door for companies to take offensive actions, such as “hacking back,” according to a Senate aide.

The committee-passed version clarifies that a “defensive measure” doesn't include an action that “destroys, renders unusable, or substantially harms an information system or data on an information system” belonging to another entity.

The bill would provide liability protection for information shared with the government only when it is done through a Department of Homeland Security portal, according to the statement from Burr and Feinstein. The committee removed liability protection for other forms of sharing information that were included in previous drafts, the statement said.

Burr said March 12 that the committee's 14-1 vote gives him “all the confidence in the world” to go to Senate Majority Leader Mitch McConnell (R-Ky.) and push for action on the Senate floor as soon as possible.

Sen. Ron Wyden (D-Ore.) issued a statement after the committee markup saying that he voted against the bill because of privacy concerns.

To contact the reporter on this story: Alexei Alexis in Washington at aalexis

To contact the editor responsible for this story: Heather Rothman at

The bill can be found at:


Request Bloomberg Law: Privacy & Data Security