Time for a reboot? The White House on Wednesday shocked lawmakers and advocacy groups by announcing that President Obama would veto a proposed national cybersecurity bill known as CISPA if it reaches his desk in its current form.
That news was unequivocally bad for the bill’s sponsors and backers, coming as it did just two days before the full House of Representatives was set to vote on the bill on Friday. Even if it passes, CISPA, which stands for the Cyber Intelligence Sharing and Protection Act, would still have to be passed by the Senate and signed by the President to become law.
The White House made its displeasure with the current version of CISPA known in a lengthy statement of administration policy (SAP) emailed out late Wednesday afternoon, criticizing the bill for lacking “sufficient limitations on the sharing of personally identifiable information,” and for failing to “ensure that the nation’s core critical infrastructure is protected.”
“I think this can be a game change for rank-and-file members,” said Michelle Richardson, an attorney based in Washington, D.C. specializing in cybersecurity issues for the American Civil Liberties Union, in a phone interview with TPM.
Richardson suggested that despite CISPA having the support of over 112 members of the House of Representatives and numerous industry groups and companies, including Facebook, the bill could get voted down on Friday.
“It’s the other 323 members who haven’t yet taken a stance that will ultimately decide the fate of this bill,” Richardson said.
The ACLU is one of several advocacy groups staunchly opposed to CISPA over concerns that the bill’s language is so broad that it would allow companies and U.S. intelligence agencies to share unprecedented amounts of personally identifiable information about Web users without proper oversight and accountability.
Meanwhile, CISPA’s primary sponsors, Rep. Mike Rogers (R-MI) and Rep. C.A. “Dutch” Ruppersberger (D-MD), chairman and ranking member of the House Intelligence Committee, respectively, released a sharp statement brushing off the White House’s veto threat as one without substance behind it:
“The basis for the Administration’s view is mostly based on the lack of critical infrastructure regulation, something outside of our jurisdiction. We would also draw the White House’s attention to the substantial package of privacy and civil liberties improvement announced yesterday which will be added to the bill on the floor.”
Indeed, Rogers and Ruppersberger on Tuesday announced that they had agreed to five separate amendments to CISPA that would seek to define more narrowly the kind of information that could be collected under the proposed law — excluding information pertaining to “violations of consumer terms of service,” and other more benign infractions by Web users.
The ACLU, though, has criticized these amendments as window dressing.
The White House’s threatened veto didn’t seem to outwardly concern Rogers, who earlier told TPM he was confident of the bill’s passage through the House. “This is just, I think, them kicking up some dust,” Rogers told POLITICO on Wednesday after the White House announced its opposition.
Privately, House staffers told TPM that the threatened veto wasn’t a total surprise, given the White House’s earlier, not-so-subtle attacks on CISPA.
But staffers working on the legislation told TPM they were “disappointed” by the news and chalked the opposition up to sour grapes, because the White House’s own cybersecurity legislation proposal, introduced in May 2011, failed to gain any traction in the House.
Despite the news, staffers told TPM that they didn’t see CISPA getting voted down on Friday.
“We’re all working toward passage,” one staffer who was involved in drafting CISPA told TPM.
