The US House of Representatives [official website] passed a controversial cybersecurity bill [HR 624, PDF] on Thursday that allows corporations to share customers' personal data with other firms and the US government, even in the face of a company contract prohibiting such activity. Known as the Cyber Intelligence Sharing and Protection Act (CISPA), the legislation was approved [roll call] by a vote of 288-127, with opposition expected from the Obama administration, civil liberties groups and privacy advocates. According to the statute, the Intelligence Community Inspector General would be required to produce an annual review [WP report] of the government's use of shared information and companies would be allowed to withhold information if they choose. However, according to civil liberties organizations critical of the bill, under the new law companies will be permitted to share very sensitive and personal customer information with the government and military agencies.
The legislation was reintroduced [JURIST report] in February by Michigan Republican Mike Rogers and Maryland Democrat CA "Dutch" Ruppersberger [official websites]. Last April the House approved CISPA [JURIST report] by a vote of 248-168. In March Obama administration official Melanie Ann Pustay testified before the Senate Judiciary Committee [official website] to urge congressional officials to amend [JURIST report] the Freedom of Information Act [official website] to strengthen government's ability to prevent disclosure of information related to critical infrastructure and cybersecurity.