Senate Intelligence Committee Chairman Richard Burr, R-N.C., proposed attaching language from his Cybersecurity Information Sharing Act (S-754) as an amendment to the National Defense Authorization Act reauthorization (S-1376) Tuesday with the backing of Senate Majority Leader Mitch McConnell, R-Ky. “We can no longer simply watch Americans’ personal information continue to be compromised,” Burr said in a statement. “This bill is long needed and will help us combat threats to our country and our economy.” McConnell separately cited the Office of Personnel Management data breach as a reason for proposing attachment of S-754’s language to the NDAA reauthorization. Senate intelligence Vice Chairwoman Dianne Feinstein, D-Calif, who co-sponsored S-754 with Burr, said in a statement that she declined to join Burr in offering the amendment and “it’s a mistake.” The move brought swift condemnation from S-754 critics. Sen. Ron Wyden, D-Ore., said in a statement that if McConnell “insists on attaching the flawed CISA bill to unrelated legislation, I will be fighting to ensure the Senate has a full debate and a chance to offer amendments to add vital protections for American privacy and address the threats to our cybersecurity.” Monument Policy Group lobbyist Andrew Howell told us it’s feasible that the Senate could approve the S-754 amendment. An industry lobbyist said advocates of two House-passed cyber information sharing bills -- the National Cybersecurity Protection Advancement Act (HR-1731) and the Protecting Cyber Networks Act (HR-1560) -- could move to attach language from those two bills to the NDAA reauthorization during conference. The House passed its version of NDAA reauthorization (HR-1735) May 15.
The House Communications Subcommittee easily cleared a compromise version of the Domain Openness Through Continued Oversight Matters (DOTCOM) Act (HR-805) Wednesday. Industry stakeholders told us that likely sets up swift consideration of the bill by the full House Commerce Committee but doesn’t automatically guarantee that either the House or Senate will consider it soon. Subcommittee leaders said Monday that they had reached a deal on compromise language for HR-805 that would in part require NTIA to submit a report to Congress certifying that the Internet Assigned Numbers Authority (IANA) transition plans meet the U.S. goal of maintaining global Internet openness (see 1506090067).
Prospects remain strong for the Senate to act on an extension of the Internet Tax Freedom Act following House passage Tuesday of the Permanent ITFA (HR-235). Supporters of that bill told us that it’s unlikely that extension will come in the form of the stand-alone Internet Tax Freedom Forever Act (S-431), the Senate’s HR-235 equivalent. HR-235 and S-431 would make ITFA’s ban on state and local Internet access taxes and certain state taxes on e-commerce permanent (see 1501090042). The House passed HR-235 by voice vote Tuesday, just as it did in 2014 before Senate consideration of the bill was derailed by debate over the Marketplace Fairness Act. Congress passed a temporary extension of ITFA during last year’s lame-duck session (see 1412170034, 1412030052 and 1407210077).
The Office of Personnel Management (OPM) data breach announced Thursday, in combination with Congress’ recent passage of the USA Freedom Act (see 1506020052), temporarily increases attention on Senate consideration of the Cybersecurity Information Sharing Act (S-754), but it's unclear whether that will improve the bill's chances of passage, industry lawyers and lobbyists told us in interviews. The White House cited the data breach, which OPM said may have compromised the personally identifiable information (PII) of about 4 million current and former federal employees, as a reason for Congress to pass cybersecurity legislation (see 1506050042). The House overwhelmingly passed two cybersecurity information sharing bills in April -- the National Cybersecurity Protection Advancement Act (HR-1731) and the Protecting Cyber Networks Act (HR-1560) -- and sent the language from both bills to the Senate as a revised version of HR-1560 (see 1504230062 and 1504220066).
The Copyright Office for the Digital Economy (CODE) Act, which was released Thursday in draft form, is likely to spur additional interest in the House Judiciary Committee addressing whether to make the U.S. Copyright Office an independent agency in standalone legislation, before the committee tackles bills that address other portions of a Copyright Act revamp, industry stakeholders told us. The CODE Act, authored by Reps. Judy Chu, D-Calif., and Tom Marino, R-Pa., would separate the CO from its current status as a Library of Congress office and would make the office’s director a White House appointee requiring Senate confirmation. Register of Copyrights Maria Pallante strongly backed making the CO an independent agency during an April 29 House Judiciary hearing (see 1504290058) and the issue has received the strong backing of committee members (see 1502260057).
The ICANN board said “we are far more closely aligned” with the ideas contained in a draft proposal for changing ICANN accountability “than many in the community might realize” but said Wednesday it’s concerned that the proposed governance change included in the Cross Community Working Group on Enhancing ICANN Accountability’s (CCWG-Accountability) proposal “creates the possibility for too much change to be introduced into the ICANN system at once.” CCWG-Accountability released its draft accountability proposal in early May as part of ICANN’s planning for the spinoff of NTIA’s oversight of ICANN’s Internet Assigned Numbers Authority (IANA) functions (see 1505060067). The comment deadline was originally Wednesday but ICANN extended the deadline Wednesday to June 10 for submissions that rely on translated versions of the proposal that weren’t initially available. The CCWG-Accountability draft proposal recommends giving ICANN community members additional power to influence the ICANN board’s decisions, including giving the community the ability to recall the entire board or individual board members.
The House began consideration of the proposed FY 2016 budget for the Department of Commerce and several other federal departments and agencies (HR-2578) Tuesday amid a White House veto threat, but hadn't voted at our deadline. The Republican-controlled House was widely anticipated to pass the proposed budget with limited Democratic crossover support. The House Appropriations Committee cleared the proposed $51.4 billion budget for full House consideration before the Memorial Day recess (see 1505200057). The proposed budget would allocate $8.2 billion to Commerce, including $855 million to the National Institute of Standards and Technology (NIST) and $35.2 million for NTIA, but includes a provision that would bar NTIA from using its funding “to relinquish” its responsibility for Domain Name System functions via the planned spinoff of its oversight over the Internet Assigned Numbers Authority (IANA) functions.
Industry stakeholders universally praised the FCC Communications Security, Reliability and Interoperability Council (CSRIC) report on communications sector cybersecurity risk management for recommending voluntary processes and assurances, with Motorola Solutions saying in comments posted Monday that those recommendations “strike an appropriate balance” between assuring cybersecurity protection and reflecting the interests of all stakeholders. The CSRIC report, adopted in March, was meant to adapt the National Institute of Standards and Technology’s Cybersecurity Framework for communications sector use (see 1503180056). Industry groups CTIA and TIA similarly praised the CSRIC report for providing important guidance to the sector (see 1505290042). A separate Department of Commerce Internet Policy Task Force (IPTF) proceeding (see 1504090049 and 1503160059) on possible cybersecurity topics the IPTF should address through multistakeholder work drew multiple filings urging the IPTF to factor the NIST framework into its process.
FTC Chairwoman Edith Ramirez dodged ICANN’s request for the federal agency’s guidance on whether Vox Populi registry’s pricing of .sucks domain names was illegal, but told ICANN in a letter released Thursday that the nonprofit corporation should make policy changes to its new generic top-level domain (gTLD) program. ICANN had asked the FTC and Canada’s Office of Consumer Affairs (OCA) in April to investigate Vox Populi’s .sucks pricing structure for trademark owners during a sunrise period before the gTLD’s public rollout. A determination that those practices are illegal would constitute a violation of Vox Populi’s registry agreement (see 1504140049). Canada’s OCA hadn’t responded to ICANN’s request at our deadline and didn’t say when it planned to do so.
Proponents of differing proposals for an exemption to Digital Millennium Copyright Act Section 1201 allowing for circumvention of technological protection measures (TPMs) for the purpose of unlocking cellphones and tablets appeared to move closer to a consensus during a U.S. Copyright Office hearing Tuesday. CO officials have been holding hearings on several of the 27 proposed Section 1201 exemptions it's considering as part of its sixth triennial rulemaking on the section (see 1505140070). The device unlocking exemption proposals did not have active opposition after the Competitive Carriers Association (CCA) and TracFone submitted a proposed compromise revision of Consumers Union's original proposal, but CCA, Consumers Union and the Institute of Scrap Recycling Industries (ISRI) representatives differed Tuesday on the language CO should recommend. An earlier CO hearing Tuesday on a proposed Section 1201 exemption for circumventing TPMs for good-faith security research purposes proved more contentious, with CO officials indicating they were uncertain whether they would recommend the exemption.