The Cyber Intelligence Sharing and Protection Act (CISPA) has been approved by the US House of Representatives, despite a last-minute gaffe from its co-sponsor.

#CISPA passed the House with a decisive bipartisan vote of 288-127 with 92 Democrats supporting. This is a good day for Americans. — Dutch Ruppersberger (@Call_Me_Dutch) April 18, 2013

The 288-127 vote saw an increased majority from CISPA's first passage last April, with a broadly bipartisan turnout. CISPA was filibustered in the Senate but resurrected this year by Rep. Mike Rogers (R-MI), chairman of the House Intelligence Committee, and "Dutch" Ruppersberger, a Maryland democrat whose congressional district covers the home of the NSA in Fort Meade.

The legislation sets up as framework for federal government agencies to share information on security threats with private companies in order to help protect their systems. In return, private companies can choose to hand over user information (anonymized or not) to the government for "cybersecurity purposes" with full legal indemnity, whatever their terms and conditions say.

"CISPA is a poorly drafted bill that would provide a gaping exception to bedrock privacy law," EFF senior staff attorney Kurt Opsahl said in a statement. "While we all agree that our nation needs to address pressing Internet security issues, this bill sacrifices online privacy while failing to take common-sense steps to improve security."

Despite opposition, however, the bill looked to be an increasingly done deal as the vote approached. On Monday, 36 new congressional co-sponsors decided to add official support, and IBM said that it had flown in lobbying muscle to help push for CISPA.

"We're going to put our shoe leather where our mouth is," Chris Padilla, vice president of governmental affairs at IBM, told The Hill. "The message we're going to give [lawmakers] is going to be a very simple, clear message: support the passage of CISPA."

The technology industry broadly approves of CISPA, in that it might do some good and limits their liability, just in case. Facebook has been a vocal supporter, saying that the bill clarifies a lot of things and puts it under no onus to share its user's data with the government if it doesn’t want to. Of course, if it changes that view, it's unlikely the customers would be able to find out about it.

During the debate, Representative Rogers said that Silicon Valley CEOs supported him and opponents of were "people on the internet, a 14 year-old tweeter in the basement," just like his nephew who gave him aggravation for sponsoring the bill.

"Once you understand the threat, and you understand how the mechanics of it works, and you understand that people are not monitoring the content of your emails, most people go 'Got it, I'm in'," he said.

This prompted a flood of angry tweets from the vast majority of CISPA opponents who are over 14, live successful lives (many in the fields of security, computing and law), but who presumably don't count.

CISPA isn't in force yet. The Senate still has to pass legislation, and shows no sign of doing so. Even then, the President has sort-of threatened to veto the legislation as it stands.

"The Administration recognizes and appreciates that the House Permanent Select Committee on Intelligence (HPSCI) adopted several amendments to H.R. 624 in an effort to incorporate the Administration's important substantive concerns," the White House said in a statement.

"However, the Administration still seeks additional improvements and if the bill, as currently crafted, were presented to the President, his senior advisors would recommend that he veto the bill."

We shall see if he takes that advice. ®

Bootnote

Calling opponents names is an increasingly essential part of politics in America these days. To see how politicians can use the rapier rather than the cudgel in debate El Reg suggests checking out Wednesday's performance by New Zealand MP Maurice Williamson, a man who describes C++ coding as just below sex in terms of pleasure.