See How Your Politicians Voted
Title: Cyber Intelligence Sharing and Protection Act
Vote Smart's Synopsis:
Vote to pass a bill that authorizes the federal government to share cyber threat information with private-sector entities and utilities.
- Requires the Director of National Intelligence to establish procedures for sharing cyber threat information with private-sector entities and utilities (Sec. 2).
- Defines “cyber threat information” as information directly pertaining to the following for any government or private entity's computer system or network (Sec. 2):
- A vulnerability of the network;
- A threat to the integrity, confidentiality, or availability of the network;
- Efforts to deny access to or degrade, disrupt, or destroy the network; or
- Efforts to gain unauthorized access to the network.
- Limits the sharing of cyber threat information to the following (Sec. 2):
- Sharing with protected or self-protected entities;
- Sharing with an individual with appropriate security clearance; or
- Sharing consistent with the need to protect the national security of the United States.
- Defines “protected entity” as an entity, other than an individual, that contracts with a cybersecurity provider for cybersecurity goods or services (Sec. 2).
- Defines “self-protected entity” as an entity, other than an individual, that provides cybersecurity goods or services to itself (Sec. 2).
- Prohibits the federal government from using the following information to pursue cyber threats (Sec. 2):
- Library circulation records and patron lists;
- Book sales records and customer lists;
- Firearms sales records;
- Tax returns;
- Educational records; or
- Medical records.
- Prohibits the federal government from disclosing cyber threat information to an entity outside the federal government except as authorized by the entity sharing the information (Sec. 2).
- Prohibits the federal government from using cyber threat information for regulatory purposes (Sec. 2).
- Authorizes the federal government to use cyber threat information for any of the following purposes (Sec. 2):
- For cybersecurity purposes;
- For the investigation and prosecution of cybersecurity crimes;
- For the protection of individuals from death or serious bodily harm;
- For the protection of minors from threats including, but not limited to, child pornography, sexual exploitation and kidnapping; or
- To protect the national security of the United States.