Today, House leadership released text of the 2016 "Omnibus package." The legislative package is supposed to deal exclusively with funding the federal government through 2016; however, leadership also managed to include a dangerous cybersecurity "information sharing" bill. The cybersecurity bill is a combination of three bad cybersecurity bills passed by Congress this year: two pieces of legislation in the House and another--called the Cybersecurity Information Sharing Act (CISA)--in the Senate. EFF has strongly opposed these bills over the past 5 years.
The bills are also opposed by other privacy advocates, civil society organizations, computer security experts, and many Silicon Valley companies as the bills ignore the fact that companies and security experts can already share the much-needed technical information to stop computer security threats. Maybe more importantly, the bills do not address problems from the recent highly publicized computer data breaches that were caused by unencrypted files, poor computer architecture, un-updated servers, and employees (or contractors) clicking malware links.
The cybersecurity bill in the Omnibus package is similar to CISA and our core problems with the bill remain. EFF continues to strongly oppose the cybersecurity legislation and we urge lawmakers to oppose the inclusion of the cybersecurity language into the Omnibus package. At the minimum, formal cybersecurity legislation should not be included in the federal budget package and Congress should postpone any vote on the cybersecurity language until after the December recess. Ramming through such legislation is not only bad politics, it's bad for a representative democracy.