Rep. Justin Amash (R-Mich.), joined by a bipartisan group of cosponsors, introduced legislation to repeal the recently enacted Cybersecurity Act of 2015.
H.R. 4350 repeals the cyber surveillance measure tucked into the omnibus appropriations bill passed by the House and Senate and signed into law in December 2015. Amash was joined by Rep. John Conyers (D-Mich.), Rep. Zoe Lofgren (D-Calif.), Rep. Thomas Massie (R-Ky.), Rep. Ted Poe (R-Tex.), and Rep. Jared Polis (D-Colo.).
“The Cybersecurity Act was negotiated in secret by just a few members of Congress and added quietly to the 2,009-page omnibus to avoid scrutiny,” said Amash. “Most representatives are probably unaware they even voted on this legislation. It’s the worst anti-privacy law since the USA PATRIOT Act, and we should repeal it as soon as possible.”
The Cybersecurity Act facilitates unconstitutional, warrantless surveillance on law-abiding Americans. The law grants immunity from liability to companies that share employees’ or users’ private information with the government or other companies, as long as they do so under the guise of cybersecurity. It places no limits on the type of information that can be shared, which could include individuals’ personal online communications, and it allows the government to use the information it receives for purposes unrelated to cybersecurity, including the investigation and prosecution of unrelated crimes. The law, which was modeled after the Senate’s controversial Cyber Information Sharing Act (CISA), has been panned by industry leaders across the political spectrum as dangerous to privacy and security.
Prior to the vote in the House of Representatives on the omnibus containing the Cybersecurity Act, Amash distributed a myth-fact sheet dispelling proponents’ inaccurate and misleading claims about the bill’s provisions. The myth-fact sheet is available here.
The full text of H.R. 4350, to repeal the Cybersecurity Act of 2015, is available here.