/  H.R. 624—Cyber Intelligence Sharing...

H.R. 624 - Cyber Intelligence Sharing and Protection Act

Bill Text

  • Text of H.R. 624 PDF XML

    Cyber Intelligence Sharing and Protection Act (as introduced in House)

  • Rules Committee Print 113-7 PDF XML

    Showing the text of H.R. 624 as ordered reported by the Permanent Select Committee on Intelligence with a modification

  • Text of H. Rept. 113-39 PDF XML

    Report from the Permanent Select Committee on Intelligence

Rule Information

COMMITTEE ACTION:
REPORTED BY VOICE VOTE on Tuesday, April 16, 2013.

FLOOR ACTION ON H. RES. 164: 
Agreed to by record vote of 227-192, after agreeing to H. Amnt. 41 by voice vote, on Wednesday, April 17, 2013. 

MANAGERS: Woodall/Hastings (FL)

1. Structured rule.

2. Provides one hour of general debate equally divided and controlled by the chair and ranking minority member of the Permanent Select Committee on Intelligence.

3. Waives all points of order against consideration of the bill.

4. Makes in order as original text for the purpose of amendment an amendment in the nature of a substitute consisting of the text of Rules Committee Print 113-7 and provides that it shall be considered as read.

5. Waives all points of order against the amendment in the nature of a substitute.

6. Makes in order only those further amendments printed in the Rules Committee report. Each such amendment may be offered only in the order printed in the report, may be offered only by a Member designated in the report, shall be considered as read, shall be debatable for the time specified in the report equally divided and controlled by the proponent and an opponent, shall not be subject to amendment, shall not be subject to a demand for division of the question.

7. Waives all points of order against the amendments printed in the report.

8. Provides one motion to recommit with or without instructions.

Additional Support Documents

  • Text of Amendment to H. Res. 164 (adopted on 4/17/2013) [PDF]
    This amendment to the rule allows for consideration of a revised McCaul amendment that reflects compromise language agreed to by relevant committees; it will be debated before final passage at the end of amendment debate.     
  • Text of Modification to Amendment Number 13 to H.R. 624 (propounded by unanimous consent on 4/18/2013) [PDF]

Amendments

Click headers to sort.

#Version #Sponsor(s)PartySummaryStatus
31Version 1Amash (MI), Massie (KY), Polis (CO), Radel, Trey (FL), Broun (GA), DeSantis, Ron (FL)Bi-PartisanPermits an entity to provide through enforceable contract that it will not share personally identifiable information with the federal government.Submitted
32Version 1Amash (MI), Massie (KY), Polis (CO), Broun (GA)Bi-PartisanProhibits the federal government from using, inter alia, library records, firearms sales records, and tax returns that it receives from private entities under CISPA.Made in Order
8Version 1Barton (TX)RepublicanClarifies that companies sharing cyber threat information with other companies cannot treat this sharing relationship as a loophole to sell a consumer's personal information for a marketing purpose. Made in Order
24Version 1Bustos, Cheri (IL)DemocratRequires an annual report to Congress with recommendations on workforce needs and related education and training needs to meet future cybersecurity threats, as well as an annual report on recommendations for retraining Veterans and members of the Armed Forces into roles combating cyber threats.Submitted
26Version 1Crdenas, Tony (CA)DemocratRequires the Director of National Intelligence to establish an outreach program to assist small businesses in cyber threat education.Submitted
33Version 1Connolly (VA)DemocratFurther defines how classified cyber threat intelligence may be shared and used. Adds an additional provision stipulating that classified threat intelligence may only be used, retained, or further disclosed by a certified entity only for cybersecurity purposes. Made in Order
39Version 1Connolly (VA)DemocratLate Strengthens the policies and procedures governing the receipt, retention, use, and disclosure of non-publicly available cyber threat information shared with the Federal Government.Submitted
40Version 1Connolly (VA)DemocratLate Stipulates that the liability provisions for private sector entities are contingent upon the Privacy and Civil Liberties Oversight Board being operational.Submitted
41Version 1Connolly (VA)DemocratLate Prohibits an internet service provider from being granted immunity if acting as an agent of the Federal government.Submitted
7Version 1Conyers (MI), Schakowsky (IL), Jackson Lee (TX), Johnson, Hank (GA), Holt (NJ)DemocratAmends liabilty exemption to exclude "decisions made" from coverage. Made in Order
30Version 1Enyart, William (IL)DemocratRequires the Inspector General (IG) of the Intelligence Community, in consultation with each IG of each federal government department or agency to submit to Congress a report reviewing cyber threats to manufacturing and agricultural production in the U.S. The report is due within 180 days of CISPA’s enactment, and then semiannually thereafter. Submitted
1Version 1Franks (AZ)RepublicanWithdrawn Broadens the definitions of Cyber Threat Information, Cyber Threat Intelligence, Cybersecurity Purpose, and Cybersecurity System within CISPA to ensure these terms include vulnerabilities to natural and manmade electromagnetic pulse. Withdrawn
10Version 1Grayson (FL)DemocratRequires the federal government to obtain a warrant before it conducts an affirmative search on information shared with it under the authority of this bill. Specifically, strikes “for a purpose other than a purpose referred to in paragraph (1)” on p. 11, beginning on line 23, and inserts “without a warrant obtained in accordance with the fourth amendment to the Constitution of the United States”.Submitted
13Version 1Jackson Lee (TX)DemocratProtects Internet users by promoting responsible actions by private entities and individuals seeking to address cyber security threats. The amendment limits liability protection to steps taken to secure an entity's network while under cyber attack, but would not extend protection to offensive actions taken against external networks or perceived threats. Submitted
14Version 1Jackson Lee (TX)DemocratExpresses the Sense of the Congress that the United States should work for international cooperative agreements to protect critical infrastructure and institutions from cyber threats. Electric Utility grids, refineries, oil and gas extraction systems, pipelines, water treatment systems, sewage systems, medical devices and hospitals should be among the systems that are protected.Submitted
15Version 1Jackson Lee (TX)DemocratEnhances privacy protection by preventing unnecessary disclosures of personal information by limiting reporting in cases involving an imminent threat of harm or death. Assists agencies in focusing resources on matters of greatest threat to national cyber security.Submitted
16Version 1Jackson Lee (TX)DemocratExpresses the Sense of the Congress that all Federal Government computing devices should be protected by strong encryption to secure information while at rest and in transit and digital information stored on computers and on network, and information sent over the Internet should be secured against abuse or misuse.Submitted
17Version 1Jackson Lee (TX)DemocratClarifies that cyber security service providers need only provide information about cyber security incidents if they pose a threat to the government’s information and protects individuals’ private data from being accessed by the government solely because it is stored by a company that provides information services to a government agencyMade in Order
18Version 1Jackson Lee (TX)DemocratExpresses the Sense of the Congress that the United States should work for international cooperative agreements to protect critical infrastructure and institutions from cyber threats, and ensure that all Federal Government computing devices use strong encryption to secure government information against abuse or misuse.Submitted
34Version 2Jackson Lee (TX)DemocratRevised Designates the Department of Homeland Security as the lead agency on cybersecurity.Submitted
25Version 1Johnson, Hank (GA)DemocratLimits information sharing with law enforcement agencies to only include imminent cybersecurity threats. Strikes other forms of information sharing with law enforcement. Submitted
27Version 1Kilmer, Derek (WA)DemocratEstablishes a Cybersecurity Technology Commercialization Office.Submitted
35Version 1Langevin (RI)DemocratReplaces the term “local” with “political subdivision”, which allows the inclusion of utility “districts” that would not otherwise be covered but that are intended to be covered in the bill.Made in Order
42Version 1McCaul (TX), Rogers, Mike (MI), Ruppersberger (MD), Thompson, Bennie (MS)Bi-PartisanLate Establishs a primary point of receipt in the Federal Government for cyber threat information sharing at the Department of Homeland Security. Submitted
12Version 1McNerney (CA)DemocratRequires the Secretary of Homeland Security, instead of the Director of National Intelligence, to establish and review the policies and procedures governing the receipt, retention, use, and disclosure of non-publicly available cyber threat information shared with the federal government. Submitted
6Version 1Paulsen (MN)RepublicanEstablishes the sense of congress that international cooperation should be encouraged where possible in regards to cyber security.Made in Order
36Version 1Perlmutter (CO), Welch (VT)DemocratWithdrawn Prohibits the requirement of access to an employee's personal social media accounts by an employer as a means of obtaining or retaining employment. Exceptions to this access include when classified information, or an employee has explicitly shared private organizational information. Withdrawn
38Version 1Peters, Scott (CA)DemocratLate Establishes a National Economic and Critical Industry Intelligence Center. Requires the Director of National Intelligence to establish a National Economic and Critical Industry Intelligence Center that assesses the impact of cyber attacks on industries of national importance and how those attacks threaten national security.Submitted
20Version 2Polis (CO)DemocratRevised Limits the federal government’s use of data only for cybersecurity purposes pursuant to the title and purpose of the bill. The amendment also narrows the law enforcement exception to only instances of “imminent” danger.Submitted
28Version 1Rogers, Mike (MI)RepublicanCorrects reported language concerning a reference in subsection (c)(4) to the procedures created in (c)(7).Made in Order
29Version 1Rogers, Mike (MI)RepublicanMakes clear that nothing in this bill authorizes the government to target a US person for surveillance.Made in Order
21Version 1Ruiz, Raul (CA)DemocratRequires the Director of National Intelligence to establish a small business cyber technology office to assist small business concerns in providing cybersecurity solutions to the Government, with a preference toward Veteran-owned small businesses (51%+ Veteran-owned).Submitted
2Version 1Sanchez, Loretta (CA)DemocratInserts language that would ensure that privacy and civil liberties groups would be part of the policy and procedures reviews.Submitted
3Version 1Sanchez, Loretta (CA)DemocratInserts language that would notify the Secretary of Homeland Security if any violations of the policies and procedures occurred. Submitted
4Version 1Sanchez, Loretta (CA)DemocratInserts language that would include the Inspector General of DHS in reporting the use of information shared by the federal government. Submitted
5Version 1Sanchez, Loretta (CA)DemocratInserts language that would include the Privacy Officer and the Officer for Civil Rights and Civil Liberties of the Department of Homeland Security in issuing a report on assessing the privacy and civil liberties impact of this bill. Made in Order
23Version 1Schakowsky (IL), Schiff (CA), Thompson, Bennie (MS), Jackson Lee (TX), DeGette (CO), Polis (CO)DemocratRequires that the first point of sharing information with the federal government must be with a civilian agency, ensuring that the U.S. military or defense agencies do not directly collect or receive cyber information on American citizens. Submitted
11Version 1Schiff (CA), Schakowsky (IL), Holt (NJ), Eshoo (CA), Thompson, Bennie (MS)DemocratRequires that private entities sharing information with the government or other private entities under the bill make “reasonable efforts” to remove Personally Identifiable Information of persons unrelated to the cyber threat.Submitted
9Version 1Schneider, Bradley (IL)DemocratClarifies that independent contractors are eligible for security clearances for purposes of employment to handle cyber threat intelligence and cyber threat information.Made in Order
37Version 1Sinema, Kyrsten (AZ)DemocratLate Adds the Inspector General (IG) of DHS to the omnibus IG reporting requirement. Adds the DHS IG to rest of the group responsible for submitting an annual report to Congress. Adds the House Committee on Homeland Security and the Senate Committee on Homeland Security and Governmental Affairs to the recipients of the report.Made in Order
19Version 1Thompson, Bennie (MS)DemocratRequires the Director of National Intelligence to consult with “privacy and civil liberties stakeholders” in developing the privacy and civil liberties policies and procedures; (2) extend coverage under these policies and procedures to information used to identify a person or information or communications, records or system traffic; and (3) require annual reporting on implementation to Congress in an unclassified format, to the greatest extent practicable.Submitted
22Version 1Wasserman Schultz (FL), Smith, Lamar (TX)Bi-PartisanInserts the text of H.R. 744, the Stopping Tax Offenders and Prosecuting Identity Theft Act, which brings together several measures to strengthen criminal penalties and increase the prosecution rate of tax return identity thieves.Submitted