WASHINGTON — Pro-business legislation aimed at helping companies fend off sophisticated foreign hackers sailed through the House on Thursday despite a White House veto threat and an outcry from privacy advocates and civil liberties groups that say it leaves Americans vulnerable to spying by the military.
The House vote, 288-127, puts the spotlight on the Senate, which hasn't taken up the issue and is consumed with other high-profile issues such as gun control and immigration. The lack of enthusiasm in the Senate and objections by the White House mean that the legislation is in limbo despite an aggressive push by lobbyists representing nearly every corner of industry.
But supporters said they were gaining momentum: Despite the White House veto threat, 92 Democrats voted for the measure, compared with only 42 for a similar bill last year.
The Cyber Intelligence Sharing and Protection Act, or CISPA, is widely backed by industry groups that say businesses are struggling to defend themselves against aggressive and sophisticated attacks from hackers in China, Russia and Eastern Europe.
Hackers haven't been able to deliver crippling blows to the U.S. economy or infrastructure, but they have been able to wreak havoc on some key commercial systems. Most recently several news outlets, including The New York Times, acknowledged that their systems had been penetrated, while banks are said to be quietly fighting daily intrusions. North Korea was held responsible recently for a cyberattack that shut down tens of thousands of computers and servers at South Korean broadcasters and banks.
The bill, said House Intelligence Committee Chairman Rep. Mike Rogers, R-Mich., strikes "that right balance between our privacy, civil liberties and stopping bad guys in their tracks from ruining what is one-sixth of the U.S. economy."
Under the legislation, businesses and the federal government would be able to share technical data without worrying about anti-trust or classification laws. The bill also would grant businesses legal immunity if hacked so long as they acted in good faith to protect their networks. The bill is sponsored by Rogers and Rep. Dutch Ruppersberger, D-Md., the panel's top Democrat.
But privacy advocates and civil liberties groups say the bill would open up Americans' most private online records to the federal government. The bill doesn't include a requirement that companies scrub data of sensitive information such as health or credit records before sharing it with the government.
In its veto threat issued Tuesday, the White House echoed that concern.