2018: Schweikert Voted Against The $1.3 Trillion FY 2018 Omnibus Spending Deal Which Raised Spending By $138 Billion Over FY 2017 Levels; Bill Included The CLOUD Act, Which Attempts To Provide A Legal Framework For Law Enforcement To Get Data On Foreign Servers. In March 2018, Schweikert voted against the FY 2018 Omnibus spending bill. According to Congressional Quarterly, "Combined, the spending measures would provide about $1.3 trillion in discretionary spending, with $1.2 trillion subject to discretionary spending caps, and $78.1 billion designated as Overseas Contingency Operations funds. The measure's spending levels are consistent with the increased defense and non-defense budget caps set by the two-year budget deal agreed to last month. That agreement increased the FY 2018 defense cap by $80 billion and the non-defense cap by $63 billion. Given that the previous caps were set to reduce overall discretionary spending by $5 billion, the net increase provided by the omnibus is $138 billion over the FY 2017 level." The vote was on the motion to concur in the Senate Amendment with an Amendment. The House agreed to the motion, thereby passing the bill, by a vote of 256 to 167. The Senate later agreed to the legislation, sending it to the president, who signed it into law. [House Vote 127, 3/22/18; Congressional Quarterly, 3/22/18; Congressional Actions, H.R. 1625]
2015: Schweikert Voted Against The Cybersecurity Information Sharing Act (CISA), Which Stipulated How The Private Sector Shares Cyber Threats With The Federal Government As Part Of The FY 2016 Omnibus. In October 2015, Schweikert voted against CISA. According to Congressional Quarterly, the legislation would have, "require[d] the Director of National Intelligence, the Department of Homeland Security, the Department of Defense, and the Department of Justice to promote the sharing of cyber threat indicators with private entities, non-federal government agencies, state and local governments, and the public. The bill would further permit private entities to monitor and operate defensive measures to detect, prevent, or mitigate cybersecurity threats on their own information systems or, with written consent, the information systems of private or government entities. The bill would [have] require[d] that, prior to sharing cyber threat indicators, the federal government and private entities remove personal information or information identifying a specific person that is not directly related to a cybersecurity threat." The legislation was, according to Congressional Quarterly, a FY 2016 Omnibus Appropriations bill. The vote was on a motion to concur in the Senate amendment to the bill with an amendment. The House agreed to the motion by a vote of 316 to 113. The legislation was later combined with a tax extender bill. The Senate passed the larger measure and the president signed it. [House Vote 705, 12/18/15; Congressional Quarterly, 12/18/15; Congressional Quarterly, 12/15/15; Congressional Quarterly, 12/17/15; Congressional Quarterly, 10/27/15; Congressional Quarterly, 10/27/15; Congressional Actions, H.R. 2029]
Related Legislation Allows Companies To Share Information About Cyber Threats With Other Firms And the Government; Private Companies Would Receive Liability Protection. According to Congressional Quarterly, "The legislation passed Tuesday would allow companies to voluntarily share information about cyberthreats with other firms as well as the government. Private companies that provide such information would receive liability protection in return. The basic idea behind the bill is that by sharing information about cyber threats and data breaches, companies and the government can shore up their own networks from those same threats." [Congressional Quarterly, 10/27/15]
Related Legislation Was Designed To Help The Country Better Defend Itself Against Attacks. According to The Hill, "Many industry groups, a bipartisan group of lawmakers, and the White House argue CISA is needed to help the country better defend itself against cyberattacks. But privacy advocates criticized the bill as a surveillance measure that will simply shuttle more of Americans' personal data to the government." [The Hill, 10/27/15]
Version Only Compels Entities To Delete Information They "Know" As Extraneous While Past Version Used The Language "Reasonably Believe." According to CNN, "Complaints about the bill center around what is actually shared by companies. Groups argue that the definition of what is pertinent to cybersecurity is too broad, and the burden on companies to scrub personally identifiable information from that data is too lax. The final version of the bill compels entities to remove information they 'know' is extraneous personal information; some earlier versions used 'reasonably believe' instead, putting more burden on companies." [CNN, 12/18/15]
2015: Hackers Broke Into OPM And Stole Personal Information. According to Reuters via the Huffington Post, "Hackers who stole security clearance data on millions of Defense Department and other U.S. government employees got away with about 5.6 million fingerprint records, some 4.5 million more than initially reported, the government said on Wednesday. During an ongoing analysis of the data breach, the estimated number of people who had fingerprint records stolen rose from 1.1 million to about 5.6 million, the Office of Personnel Management said in a statement." [Reuters via the Huffington Post, 9/23/15]
Main Point Of Contention Of Related Legislation Was Privacy Protections. According to Congressional Quarterly, "The main point of contention is where the legislation lands on the spectrum between privacy and security---a question that looms over all cyber-related legislation in the wake of former security contractor Edward Snowden's revelations about government surveillance. Civil liberties advocates say the cyber bill does not go far enough to guarantee privacy, while the measure's supporters say it carries adequate protections. [Congressional Quarterly, 10/27/15]
The Chamber Of Commerce, The Securities Industry And Financial Markets Association, American Bankers Association And Financial Services Roundtable All Supported Related The Legislation. According to Congressional Quarterly, "Those who have come out in favor include the U.S. Chamber of Commerce, which sent lawmakers a note Thursday urging them to vote for cloture. The Securities Industry and Financial Markets Association, American Bankers Association and Financial Services Roundtable have also thrown their weight behind the bill. In a joint letter, the groups' leaders urged a quick passage and the defeat of "any amendments that would undermine the goals of this important legislation." [Congressional Quarterly, 10/22/15]
Many Large Technology Firms Opposed Related The Legislation Over Protection Of Personal Information. According to Congressional Quarterly, "Many technology giants, however, do not. The Computer and Communications Industry Association---a technology sector advocacy group that includes Amazon, Google and Facebook---has spoken out against the bill and what it says is the insufficient protection of personal information. Those concerns largely echo those of privacy advocacy groups." [Congressional Quarterly, 10/22/15]
2013: Schweikert Voted For Bill Aimed At Helping Government, Private Sector Fight Foreign Cyberattacks. In April 2013, Schweikert voted for the House version of the Cyber Intelligence Sharing and Protection Act (CISPA). According to the Associated Press, the bill, H.R. 624, is "[p]ro-business legislation aimed at helping companies fend off sophisticated foreign hackers" under which "businesses and the federal government would be able to share technical data without worrying about anti-trust or classification laws. The bill also would grant businesses legal immunity if hacked so long as they acted in good faith to protect their networks." The House passed the bill by a vote of 288 to 127. The bill was then sent to the Senate which took no substantive action on it. [House Vote 117, 4/18/13; Associated Press, 4/18/13; Congressional Actions, H.R. 624]
Industry Groups Backed Bill To Help Businesses Fight Attacks On Their Information Technology Systems From Abroad. According to the Associated Press, "The Cyber Intelligence Sharing and Protection Act, or CISPA, is widely backed by industry groups that say businesses are struggling to defend themselves against aggressive and sophisticated attacks from hackers in China, Russia and Eastern Europe. Hackers haven't been able to deliver crippling blows to the U.S. economy or infrastructure, but they have been able to wreak havoc on some key commercial systems. Most recently several news outlets including the New York Times acknowledged that their systems had been penetrated, while banks are said to be quietly fighting daily intrusions. North Korea was recently held responsible for a cyberattack that shut down tens of thousands of computers and servers at South Korean broadcasters and banks." [Associated Press, 4/18/13]
CISPA Aimed At Permitting Sharing Of Cybersecurity-Related Data Between Private Sector and Federal Government. According to the Washington Post, "CISPA would remove obstacles to greater sharing of malware and other threat data by companies to the government and vice versa." [Washington Post, 4/19/13]
CISPA Included Provisions Protecting Companies From Lawsuits For Sharing Cybersecurity-Related Information With The Government. According to the Washington Post, "One provision of [CISPA] would protect companies from lawsuits related to their sharing of data with the government. Privacy advocates said revisions to the bill did not allay their concerns. [Washington Post, 4/19/13]
Bill Did Not Require Companies To Remove Sensitive Information From Data Shared With Government. According to the Associated Press, "[P]rivacy advocates and civil liberties groups say the bill would open up Americans' most private online records to the federal government. The bill doesn't include a requirement that companies scrub data of sensitive information like health or credit records before sharing it with the government. [Associated Press, 4/18/13]
ACLU: CISPA "Extreme Proposal" Permitting Companies To Share Internal Data With Agencies Like NSA Without Removing Personal Information First. According to the Washington Post, ACLU legislative counsel Michelle Richardson said, " 'CISPA is an extreme proposal that allows companies that hold our very sensitive information to share it with any company or government entity they choose,' even directly with military agencies such as the National Security Agency, without first stripping out personal information." [Washington Post, 4/19/13]
Obama Administration Opposed Bill As Written, Said Improperly Immunized Companies That Did Not Adequately Protect Americans' Information. In a Statement of Administration Policy, the Obama Administration said it "remain[ed] concerned that the bill does not require private entities to take reasonable steps to remove irrelevant personal information when sending cybersecurity data to the government or other private sector entities. Citizens have a right to know that corporations will be held accountable -- and not granted immunity -- for failing to safeguard personal information adequately." [Office of Management and Budget, 4/16/13]