Jimm Phillips

The Senate Intelligence Committee’s proposed cybersecurity information sharing bill is currently called the Cybersecurity Information Sharing Act, according to a discussion draft leaked to The Washington Post (http://bit.ly/1rBOGFa). Intelligence Chairwoman Dianne Feinstein, D-Calif., and committee ranking member Saxby Chambliss, R-Ga., have been leading development of the bill. Spokesmen for both senators did not respond to requests for confirmation of the draft’s authenticity. The committee had been seeking industry comment on the bill before the leak, an industry official told us. The draft includes liability protections that would prohibit lawsuits against entities sharing cyberthreat information with “any other entity or the federal government.” Several observers told us the draft closely resembles the House-passed Cyber Intelligence Sharing and Protection Act (CISPA), albeit with an expected increase in privacy protections (CD April 23 p7). The bill would direct the Secretary of Homeland Security, Director of National Intelligence and Attorney General to develop and execute procedures that would allow the “timely sharing” of classified and declassified cyberthreat information between the federal government and “appropriate entities,” along with the public release of some declassified threat information. The bill contains several privacy protections, including requiring any shared cyberthreat information be stripped of “any information contained within such indicators that is known to be personal information of or identifying a United States person, not directly related to a cybersecurity threat.” The bill would only allow law enforcement agencies to use shared information with the written consent of entities involved, but allows for oral consent when “the need for immediate use prevents obtaining written consent.” The Privacy and Civil Liberties Oversight Board would be required to issue a report every two years assessing the privacy and civil liberties impacts of cyberinformation sharing and assess current protections. Involved federal agencies and their inspectors general would also be required to issue biennial reports on implementation of the bill. The leak of the Senate Intelligence draft, whether authorized or not, likely indicates the committee is “getting close” to formally introducing the Cybersecurity Information Sharing Act, said James Lewis, director of the Center for Strategic and International Studies’ Technology and Public Policy program. Several observers have said they're skeptical that Senate Intelligence can clear a cyberinformation sharing bill in time to get it through the full Senate and conference with the House, particularly given the fallout over controversial National Security Agency surveillance programs. The draft bill is “one of the most vanilla” cyber bills possible, and has more support from the White House than CISPA (HR-624) because of the enhanced privacy protections, Lewis said. But Senate Intelligence likely only has about five or six weeks to “see if they can get this one moved,” he said. “The issue is, starting at about the end of May, people will begin to think more about re-election and less about legislation.”

Stakeholders across the spectrum on the patent revamp legislation debate were waiting at our deadline Monday for the Senate Judiciary Committee to release the final language of a long-awaited compromise on the Patent Transparency and Improvements Act (S-1720). Stakeholders had widely anticipated the committee would release the compromise, contained in a manager’s amendment, when the Senate returned from recess Monday. The timing of the compromise’s release could signal whether the committee would be able to mark up S-1720 this week, stakeholders told us. Several said last week that they were optimistic that Senate Judiciary would finally move on S-1720 following positive negotiations over the two-week recess, which followed multiple postponements of the markup. Those negotiations yielded a draft compromise from Sens. John Cornyn, R-Texas, and Chuck Schumer, D-N.Y., that included language for several controversial provisions not in the original S-1720 (CD April 28 p10).

The Senate Judiciary Committee returns this week ready to consider the Patent Transparency and Improvements Act, after using the recess to further refine a compromise on S-1720 that stakeholders told us they're optimistic will pass the committee. Senate Judiciary had postponed a vote multiple times before recess, but said just before the break that it reached a broadly defined compromise on controversial aspects (CD April 11 p9). Senate Judiciary scheduled a markup of S-1720 as part of an executive business meeting at 10 a.m. Thursday in 226 Dirksen.

A Senate companion to the House-passed Cyber Intelligence Sharing and Protection Act (HR-624) remains stalled in the Senate Intelligence Committee, as had been expected at the beginning of the year (CD Jan 6 p2). Industry observers told us they continue to see limited prospects for any information sharing bill to emerge from Senate Intelligence and pass the full Senate by the end of the current Congress. At the same time, agencies’ sharing efforts have begun to coalesce in a way that makes legislation less necessary in the near term, some experts say.

George Mason University’s Mercatus Center criticized recent federal government efforts to improve cybersecurity protections for critical infrastructure sectors, arguing in a report Thursday that those efforts “trade emergent resilience of the Internet for opaque control of it” (http://bit.ly/1nsRnsc). President Barack Obama’s 2013 cybersecurity executive order, among other things, resulted in the National Institute of Standards and Technology’s collaboration with the private sector on the voluntary Cybersecurity Framework, with the “Version 1.0” framework going public in mid-February. The Department of Homeland Security is now using its Critical Infrastructure Cyber Community program to encourage the private sector to use the framework (CD Feb 13 p5).

The recently publicized Heartbleed bug (CD April 11 p13 ) is part of a “continuous cycle of weaknesses” that federal agencies regularly identify as they work to improve federal networks’ cybersecurity, said Rear Adm. Robert Day, commander of the U.S. Coast Guard Cyber Command, during an Armed Forces Communications & Electronics Association event Monday. The Department of Homeland Security (DHS), which is responsible for cybersecurity on the .gov domain, said Friday that “core” publicly facing .gov sites are not vulnerable to Heartbleed and that it’s coordinating with other agencies to ensure other .gov sites are protected.

The Senate Judiciary Committee’s tentative deal on a compromise version of the Patent Transparency and Improvements Act (S-1720) is a step forward in its effort to curb abusive patent litigation, but its decision to delay a vote until after the upcoming two-week recess could affect the outcome, stakeholders told us Thursday. Chairman Patrick Leahy, D-Vt., said in a statement Wednesday that the committee had reached “a broad bipartisan agreement in principle” on the compromise, to be contained in a manager’s amendment. “This is a complex issue and we need additional time to draft the important provisions that have been the subject of discussion,” he said. Leahy said he plans to circulate a finalized manager’s amendment as soon as the Senate returns from the recess, which begins Friday, and the committee will consider S-1720 the same week. Senate Judiciary had already delayed the S-1720 markup three times, most recently postponing a meeting set for Tuesday specifically to consider the bill (CD April 9 p13).

The Senate Judiciary Committee appeared unlikely to mark up the Patent Transparency and Improvements Act (S-1720) Thursday, two stakeholders told us. “Thursday is going to be a stretch,” said Daniel Nazer, an Electronic Frontier Foundation staff attorney who’s focusing on Capitol Hill’s patent revamp efforts. The committee postponed the S-1720 markup Tuesday amid continued disagreements about controversial provisions in the bill, but Chairman Patrick Leahy, D-Vt., had said he hoped the committee would reach a deal in time to consider it Thursday (CD April 9 p13). Senate Judiciary had not rescheduled its executive business meeting, during which the committee would mark up the bill, at our deadline Wednesday. If the committee does not mark up S-1720 this week, it will have to wait until after the upcoming two-week recess. Members of the committee were still disagreeing over several longstanding issues in the bill, including the language in a proposed fee-shifting provision, an industry lawyer said.

Senate Judiciary Committee Chairman Patrick Leahy, D-Vt., blamed committee Republicans Tuesday for prompting a new delay in the committee’s consideration of the Patent Transparency and Improvements Act (S-1720) but said in a statement that he hoped the committee would reach a deal by the end of the day. Senate Judiciary planned to mark up S-1720 Tuesday afternoon (CD April 8 p13), but postponed that markup to 10 a.m. Thursday in 226 Dirksen. The House Commerce Subcommittee also took on patent abuse Tuesday, holding a hearing exploring possible legislation aimed at curbing abusive pre-litigation patent demand letters.

The Senate Judiciary Committee remained scheduled at our deadline Monday to mark up the Patent Transparency and Improvements Act (S-1720) Tuesday, but it remained unclear if the committee would be able to reach an agreement in time, industry officials told us. The committee is set to meet at 2:30 p.m. in 106 Dirksen. Senate Judiciary had scheduled the Tuesday meeting so the S-1720 markup would not bog down the committee’s regular Thursday session, but it may still end up on the docket for Thursday, an industry lawyer said. Chairman Patrick Leahy, D-Vt., said in a statement Monday that he still hopes “we can begin consideration of that package tomorrow.” Leahy and other members of the committee have said for weeks that negotiations are close to completion on a compromise version of S-1720, the Senate’s marquee bill to curb patent litigation abuse (CD April 4 p9).