The House passed a bill Thursday encouraging private companies to share information about cyberattacks with federal authorities in an attempt to combat the growing problem.
The bill grants protection from liability for companies that share information and follow certain procedures.
Companies have been reluctant to share internal data about cyberattacks for fear of being sued, hurting efforts to fight criminals stealing personal information and state-sponsored campaigns stealing American intellectual property.
“Make no mistake: We are in the middle of a silent crisis. At this very moment, our nation’s businesses are being robbed and sensitive government information is being stolen,” said Rep. Michael McCaul, R-Texas, chairman of the House Homeland Security Committee. “This bill will allow us to turn the tide against our enemies.”
The bill got strong bipartisan support, passing the House by a vote of 355-63.
The bill is similar to one passed by the House on Wednesday. The bills will now be merged and sent to the Senate, where similar legislation has bipartisan support.
The White House supported the bill but raised concerns that sweeping liability protections could grant immunity to companies that fail to act on information they receive about the security of their networks.
Those concerns could be addressed if the House and Senate eventually merge their bills.
The House legislation would grant companies liability protection if they stripped out personal information from the data and shared it in real time through a civilian portal, most likely run by the Department of Homeland Security.
Similar efforts have foundered in previous years over concerns by privacy groups that personal information held by companies would end up in the hands of the National Security Agency, the digital spying agency.
The House bill would allow the NSA to get the data, but not until private information had been removed.