WASHINGTON (10/23/15)--A CUNA-opposed amendment to the Cybersecurity Information Sharing Act (CISA) was voted down 65-32 Thursday.
Just prior to the Senate session, CUNA and its partners wrote to the leadership highlighting numerous concerns with an amendment proposed by Sen. Rand Paul (R-Ky.).
The amendment would have prohibited liability immunity from applying to private entities that break user or privacy agreements with consumers.
According to CUNA and its partners, the amendment “is counter to the goal of CISA and will only discourage firms from participating in the voluntary sharing process,” and would weaken the ability to defend against cyberattacks.
“This amendment would undermine these goals by jeopardizing a firm’s liability protections for even an inadvertent violation of a terms of service or privacy agreement,” the letter reads. “Moreover, if a company does not anticipate in its terms of service or privacy agreements any circumstance or eventuality in which it may--now or in the future--engage in the sharing or monitoring of cyber threats, it risks losing liability protections and being subject to litigation.”
CUNA, along with the Consumer Bankers Association, Independent Community Bankers of America and National Association of Federal Credit Unions, wrote again to Senate leadership Thursday with concerns about other CISA amendments.
CUNA has written to the Senate a number of times in recent weeks regarding CISA, which it believes is a good start, but only a first step. A separate bill such as the Data Security Act of 2015 (S. 961) should be considered by the Senate to enact the strict data standards needed to prevent further data breaches.
The Senate hopes to hold a final vote on CISA next week.