The US House of Representatives has passed a milestone cybersecurity bill that would push private companies to share computer network access with each other and federal law enforcement as a strategy to fight data breaches.
The Senate will soon consider a similar bill. If a combined measure becomes law it will be the government's most definitive response to a bad string of cyberattacks. In late 2013 credit card numbers were stolen from 40m consumers doing business with retailer Target.
Last year, major films were leaked from Sony Pictures in an attack officials believe was launched from North Korea or Russia in apparent retaliation for a comedy about leader Kim Jong-un. And early this year, hackers accessed personal information on 80 million consumers linked to health insurer Anthem.
"At some point, we need to stop talking about the next Sony, the next Anthem, the next Target, the next JP Morgan Chase and the next State Department hack, and actually pass a bill that will help ensure that there will be no next cyberattack," said California Representative Adam Schiff, the top Democrat of the House Intelligence Committee.
As an inducement to sharing information, the Protecting Cyber Networks Act, which passed 307 to 116 in a bipartisan vote, would grant legal liability immunity to companies that open network access to each other or to federal investigators. It's a scenario that frightens privacy activists. But the measure would require that shared access be twice "scrubbed" of private consumer or client information.
The public and some companies are reluctant to grant the government more access in the wake of whistleblower Edward Snowden's leaked top secret information revealing the massive and surprising surveillance of American citizens by the National Security Agency via digital communication.
Many privacy rights organisations see the Senate and House bills as a cybersecurity veil for increased government surveillance.
The act would "significantly increase the National Security Agency's access to personal information, and authorise the federal government to use that information for a myriad of purposes unrelated to cybersecurity," reads a protest letter to politicians signed earlier this week by 55 civil liberties groups and security experts that includes the American Civil Liberties Union, the Electronic Frontier Foundation and Human Rights Watch.
The White House has expressed support for the bill. It is concerned, however, about "sweeping" indemnity for companies that share information, but hopes privacy protections will be strengthened before the measure evolves into law, reports The Hill.