Wednesday, April 25, 2012 - 6:30pm in H-313 The Capitol View Announcement »
Tuesday, April 24, 2012 - 4:30pm View Announcement »
Wednesday, April 25, 2012 - 6:30pm in H-313 The Capitol View Announcement »
Tuesday, April 24, 2012 - 4:30pm View Announcement »
Text of H.R. 3523 PDF
Rules Committee Print 112-20, showing text of the bill as reported with additional changes recommended by the Chair and Ranking Minority Member of the Permanent Select Committee on Intelligence
Text of H. Rept. 112-445 PDF
Report from the Permanent Select Committee on Intelligence
REPORTED BY VOICE VOTE on Wednesday, April 25, 2012.
FLOOR ACTION ON H. RES. 631:
Adopted by record vote of 236-185, after agreeing to the previous question of 241-179, on Thursday, April 26, 2012.
1. Structured rule for H.R. 3523.
2. Provides one hour of general debate equally divided and controlled by the chair and ranking minority member of the Permanent Select Committee on Intelligence.
3. Waives all points of order against consideration of the bill.
4. Makes in order as original text for purpose of amendment the amendment in the nature of a substitute consisting of the text of Rules Committee Print 112-20 and provides that it shall be considered as read.
5. Waives all points of order against consideration of the bill.
6. Makes in order only those amendments printed int he Rules Committee report. Each such amendment may be offered only int eh order printed in the report, may be offered only by a member designated int he report, shall be considered as read, shall be debatable for the time specified in the report equally divided and controlled by the proponent and an opponent, shall not be subject to amendment, and shall not be subject to a demand for division of the question.
7. Waives all points of order against the amendment in the nature of a substitute.
8. Provides one motion to recommit with or without instructions.
9. Provides that it shall be in order at any time through the legislative day of April 27, 2012, for the Speaker to entertain motions that the House suspend the rules, as though under clause 1 of rule XV, relating to the following measures: H.R. 2096, the Cybersecurity Enhancement Act of 2011; H.R. 3834, the Advancing America's Networking and Information Technology Research and Development Act of 2012; and H.R. 4257, the Federal Information Security Amendments Act of 2012.
10. Closed rule for H.R. 4628.
11. Provides one hour of debate equally divided and controlled by the chair and ranking minority member of the Committee on Education and the Workforce.
12. Waives all points of order against consideration of the bill and provides that it shall be considered as read.
13. Waives all points of order against provisions in the bill.
14. Provides one motion to recommit.
15. Provides that the Committee on Appropriations may, at any time before 6 p.m. on Wednesday, May 2, 2012, file privileged reports to accompany measures making appropriations for the fiscal year ending September 30, 2013.
|12||Version 1||Akin (MO)||Republican||Would prohibit private companies from sharing with the government personally identifiable information of users or customers without a court order or express written consent.||Submitted|
|33||Version 1||Amash (MI), Labrador (ID), Paul (TX), Nadler (NY), Polis (CO)||Bi-Partisan||Would prohibit the federal government from using, inter alia, library records, firearms sales records, and tax returns that it receives from private entities under CISPA.||Made In Order|
|43||Version 2||Barton (TX), Markey, Edward (MA)||Bi-Partisan||Late Revised Would instruct companies to only share consumers' personal information as needed to counteract a cyber attack and for no other purpose.||Submitted|
|24||Version 1||Broun (GA)||Republican||Withdrawn Would amend Section 2 (c) (1) to only allow the Federal Government to use cyber threat information for a cybersecurity purpose or for the protection of the national security of the United States.||Withdrawn|
|30||Version 2||Conyers (MI)||Democrat||Revised Would strike the exemption from criminal liability, strike the civil liability exemption for decisions made based upon cyber threat information identified, obtained, or shared under the bill, and ensure that those who negligently cause injury through the use of cybersecurity systems or the sharing of information are not exempt from potential civil liability.||Made In Order|
|31||Version 1||Conyers (MI)||Democrat||Would specify that the information authorized to be shared under the bill not be shared for the purpose of certain specified antitrust violations.||Submitted|
|3||Version 1||Flake, Jeff (AZ)||Republican||Would add a requirement to include a list of all federal agencies receiving information shared with the government in the report by the Inspector General of the Intelligence Community required under the legislation.||Made In Order|
|39||Version 1||Goodlatte (VA)||Republican||Would narrow definitions in the bill regarding what information may be identified, obtained, and shared.||Made In Order|
|20||Version 1||Hahn (CA)||Democrat||Withdrawn Would require the Secretary of DHS to conduct an internal review of cyber threat intelligence information shared with the department and destroy personally identifiable information that no longer serves a cybersecurity purpose. Would also encourage the Secretary to develop procedures that provide for the continuous destruction of any personally identifiable information that is unnecessary.||Withdrawn|
|40||Version 1||Heck (NV)||Republican||Late Withdrawn Would make clear that companies could voluntarily contract out of the liability protection provided in the bill in order to compete on the basis of privacy protections.||Withdrawn|
|10||Version 1||Jackson Lee (TX)||Democrat||Would ensure that The Director of National Intelligence in coordination with DHS Secretary shall on a continual basis identify and evaluate cybersecurity risks to critical infrastructure to the transportation systems sector for inclusion in annual risk assessments required under the Department of Homeland Security National Infrastructure Protection Plan.||Submitted|
|11||Version 1||Jackson Lee (TX)||Democrat||Would authorize the Secretary to intercept and deploy countermeasure with regard to system traffic for cybersecurity purposes in effect identification of cybersecurity risks to federal systems.||Made In Order|
|15||Version 1||Jackson Lee (TX)||Democrat||Withdrawn Would require outreach to women and minorities for business opportunities.||Withdrawn|
|16||Version 1||Jackson Lee (TX)||Democrat||Would provide that the DNI and the Secretary of DHS may establish a consortium to be known as the "Cyberintelligence Domestic Preparedness Consortium".||Submitted|
|17||Version 1||Jackson Lee (TX)||Democrat||Would require coordination between DNI and DHS when sharing with overseas affiliates.||Submitted|
|34||Version 1||Langevin (RI), Lungren (CA)||Bi-Partisan||Would expand eligibility to participate in the voluntary information sharing program created in the bill to include critical infrastructure owners and operators, which allows entities that are not entirely privately owned, such as airports, utilities, and public transit systems, to receive vital cybersecurity information and better secure their networks against cyber threats.||Made In Order|
|35||Version 1||Langevin (RI), Connolly (VA)||Democrat||Would create a National Office for Cyberspace in the Executive Office of the President and codify multiple policy recommendations made by the Obama Administration’s 60-Day Cyberspace Policy Review, public-private sector working groups such as the CSIS Commission on Cybersecurity for the 44th Presidency, and GAO for remedying security deficiencies throughout the federal government.||Submitted|
|9||Version 1||Lewis, John (GA)||Democrat||Would protect lawful protestors from unwarranted surveillance.||Submitted|
|25||Version 2||Lofgren (CA), Paul (TX), Polis (CO), Hastings, Alcee (FL)||Bi-Partisan||Revised Would restrict the Federal Government's use of the information it collects under the Act to cybersecurity purposes. Would also allow for law enforcement use upon probable cause that the information is relevant and material to an investigation of a federal crime (limited to wiretap predicates, in 18 USC 2516).||Submitted|
|32||Version 1||McNerney (CA)||Democrat||Would prevent states or their subdivisions from requiring that private entities locate data centers in their jurisdiction as a condition of doing business in that area. Would not apply to data centers solely serving governmental purposes.||Submitted|
|29||Version 1||Mulvaney (SC)||Republican||Would sunset the provisions of the bill five years after the date of enactment.||Made In Order|
|41||Version 1||Mulvaney (SC), Dicks (WA)||Bi-Partisan||Late Would provide clear authority to the government to create reasonable procedures to protect privacy and civil liberties, consistent with the need of the government to protect federal systems and cybersecurity. Would also prohibit the federal government from retaining or using information shared pursuant to paragraph (b)(1) for anything other than a use permitted under paragraph (c)(1).||Made In Order|
|14||Version 1||Myrick (NC), Wolf (VA)||Republican||Withdrawn Would exclude certain entities from the definition of a "private-sector entity". Would make clear to the Director of National Intelligence that such companies are not suitable partners for the U.S., and ensure that any sharing of U.S. government information on cybersecurity excludes such entities.||Withdrawn|
|8||Version 1||Nadler (NY)||Democrat||Would improve the ability of Americans to hold its government accountable for violations of provisions of the bill. Specifically, it would (1) change to the statute of limitations to allow civil actions two years after a complainant knew or should have known of a violation, (2) allow civil actions if the government violates a provision of the bill due to negligence, and (3) allows complainants to obtain injunctive relief.||Submitted|
|1||Version 1||Paulsen (MN)||Republican||Would encourage international cooperation on cyber security where feasible.||Made In Order|
|36||Version 1||Pompeo (KS)||Republican||Would make clear in the bill’s liability provision that the reference to the use of cybersecurity systems is the use of such systems to identify and obtain cyber threat information.||Made In Order|
|37||Version 1||Pompeo (KS)||Republican||Would clarify that nothing in the bill would alter existing authorities or provide new authority to any federal agency, including DOD, NSA, DHS or the Intelligence Community to install, employ, or otherwise use cybersecurity systems on private sector networks.||Made In Order|
|38||Version 1||Quayle (AZ), Eshoo (CA), Thompson, Mike (CA), Broun (GA)||Bi-Partisan||Would limit government use of shared cyber threat information to only 5 purposes: 1) cybersecurity; 2) investigation and prosecution of cybersecurity crimes; 3) protection of individuals from the danger of death or physical injury; 4) protection of minors from physical or psychological harm; and 5) protection of the national security of the United States.||Made In Order|
|13||Version 1||Quigley (IL)||Democrat||Would only allow material shared with the Federal Government to be exempt from FOIA if the Director of National Intelligence determines, in writing, that the security interest in preventing disclosure of such information outweighs the public interest in disclosing such information. Requires the DNI to make the determination available to the public.||Submitted|
|7||Version 1||Richardson (CA)||Democrat||Would make explicit that nothing in the legislation would prohibit a department or agency of the federal government from providing cyber threat information to owners and operators of critical infrastructure.||Made In Order|
|27||Version 1||Richmond (LA)||Democrat||Would require that any federal agency receiving cyber threat information from the private sector shall provide it to the National Cybersecurity and Communications Integrations Center of the Department of Homeland Security “upon receipt."||Submitted|
|28||Version 1||Richmond (LA)||Democrat||Would require that any federal agency receiving cyber threat information from the private sector shall provide it to the National Cybersecurity and Communications Integrations Center of the Department of Homeland Security “as soon as practicable."||Submitted|
|42||Version 1||Rogers, Mike (MI), Ruppersberger (MD), Issa (CA), Langevin (RI)||Bi-Partisan||Late Would make clear that regulatory information already required to be provided remains FOIAable under current law.||Made In Order|
|2||Version 1||Sanchez, Loretta (CA)||Democrat||Would provide guidelines for any department or agency in the Federal government who are charged with border search and seizure of electronic devices.||Submitted|
|18||Version 1||Schakowsky (IL), Thompson, Bennie (MS), Sanchez, Loretta (CA)||Democrat||Would require reasonable efforts to be made to remove personally identifiable information, unrelated to a cybersecurity threat, shared in accordance with this legislation.||Submitted|
|19||Version 1||Schakowsky (IL), Sanchez, Loretta (CA)||Democrat||Would specify that entities can only share cyber threat information with civilian federal agencies.||Submitted|
|26||Version 1||Schiff (CA), Schakowsky (IL), Hastings, Alcee (FL)||Democrat||Would put in place additional protections for civil liberties and privacy, including minimization of personally identifiable information, restrictions on the usage of cyber threat information, and ensures civilian oversight of cybersecurity. Would also alter definitions to more specifically define cyber threat information and cyber security information.||Submitted|
|21||Version 1||Thompson, Bennie (MS), Paul (TX), Sanchez, Loretta (CA), Clarke (NY), Hastings, Alcee (FL), Polis (CO)||Bi-Partisan||Would direct that cyber threat information shared from the private sector to the government would go through Department of Homeland Security or another civilian Federal agency.||Submitted|
|22||Version 1||Thompson, Bennie (MS), Paul (TX), Sanchez, Loretta (CA), Amash (MI)||Bi-Partisan||Would mandate the development of policies and procedures governing the acquisition, interception, retention, use, and disclosure of communications, records, system traffic, or other information associated with specific persons by the Federal Government in connection with the activities authorized by the underlying bill to foster more robust privacy and civil liberties protections.||Submitted|
|23||Version 1||Thompson, Bennie (MS), Langevin (RI), Sanchez, Loretta (CA), Hastings, Alcee (FL)||Democrat||Would authorize existing activities of the Department of Homeland Security for securing Federal networks and supporting private sector cybersecurity efforts. Would also put in place a framework by which the Secretary would determine which infrastructure sectors are critical to our Nation, conduct risk assessments of those sectors, develop and disseminate best practices for mitigating cybersecurity risks, and work with existing regulatory agencies of critical infrastructure to incorporate best practices into existing regulations, where necessary.||Submitted|
|6||Version 1||Turner (OH)||Republican||Would make a technical correction to definitions in Section 2 (g) to provide consistency with other cyber security policies within the Executive branch and the Department of Defense.||Made In Order|
|4||Version 1||Woodall (GA)||Republican||Would ensure that those who choose not to participate in the voluntary program authorized by this bill are not subject to new liabilities.||Made In Order|
|5||Version 1||Woodall (GA), Hahn (CA)||Bi-Partisan||Would hold federal government liable should the rules regarding disclosure, use, and protection of sensitive information be violated due to negligence on the part of the relevant department or agency.||Submitted|