(Reuters) — The U.S. Senate Intelligence Committee approved a bill on Tuesday to encourage companies to exchange information with the government on hacking attempts and cyber security threats, officials said.
Despite concerns by some that the measure does not do enough to protect privacy, the committee voted 12-3 to advance the measure authored by its chairwoman, Sen. Dianne Feinstein, D-Calif., and its vice chairman, Sen. Saxby Chambliss, R-Ga., their offices said.
Experts see the bill as the best chance for the current Congress to pass some type of legislation to encourage better cooperation between the government and private companies to boost the cyber defenses of critical industries.
"Cyber attacks present the greatest threat to our national and economic security today, and the magnitude of the threat is growing," Sen. Feinstein said in a statement. "This bill is an important step toward curbing these dangerous cyber attacks."
U.S. lawmakers have been considering for months legislation to help private companies better communicate about security breaches and cyber threats. However, comprehensive cyber bills have been delayed by spats over liability and concerns about privacy, especially following the leak of information about government surveillance programs by former contractor Edward Snowden.
The Senate bill still faces hurdles before becoming law. It must be approved by the full Senate and reconciled with similar legislation that passed the House of Representatives in April.
However, there are already signs that the measure has bipartisan support in the House of Representatives. The Republican chairman and top Democrat on the House Intelligence Committee issued a statement on Tuesday backing the measure and urging the full Senate to vote quickly.
"We are confident that the House and the Senate will quickly come together to address this urgent threat and craft a final bill that secures our networks and protects privacy and civil liberties," Rep. Mike Rogers, R-Mich., and Rep. Dutch Ruppersberger, D-Md., said in a statement.
Among other things, the bill by Sens. Feinstein and Chambliss would authorize companies and individuals to monitor their own and consenting customers' networks for hacking and voluntarily share cyber threat data, stripped of personally identifiable information, with the government and each other for cyber security purposes.
The legislation also directs the U.S. director of national intelligence to increase the amount of information the government shares with private firms and the U.S. Department of Homeland Security to set up and manage a data-sharing portal.
The measure would also offer liability protections to companies that appropriately monitor their networks or share cyber threat data and limit the government's ability to use data it receives.
Some privacy advocates have opposed giving companies liability protections, worried about abuses of consumer data both by the private sector and the government.
Sens. Ron Wyden, D-Ore., and Mark Udall, D-Colo., both members of the intelligence committee, said after the vote that they had opposed the bill because they felt it did not include sufficient privacy protections.