This morning, the Senate voted in favor of cloture on the new (this morning) manager’s amendment on CISA.
Here’s the roll call, which was a blowout. Votes against cloture were:
- Baldwin (WI)
- Booker (NJ)
- Brown (OH)
- Coons (DE)
- Franken (MN)
- Leahy (VT)
- Markey (MA)
- Menendez (NJ)
- Merkley (OR)
- Paul (KY)
- Sanders (VT)
- Udall (NM)
- Warren (MA)
- Wyden (OR)
Rand Paul’s amendment — requiring companies to adhere to their contract with customers — failed by a two-thirds margin (I will update with roll call when it’s posted).
One significant change in today’s manager’s amendment was that Sheldon Whitehouse’s crappy CFAA amendment got replaced in its entirety with this language:
SEC. 408. STOPPING THE FRAUDULENT SALE OF FINANCIAL INFORMATION OF PEOPLE OF THE UNITED STATES.
Section 1029(h) of title 18, United States Code, is amended by striking ‘‘title if—’’ and all that follows through ‘‘therefrom.’’ and inserting ‘‘title if the offense involves an access device issued, owned, managed, or controlled by a financial institution, account issuer, credit card system member, or other entity organized under the laws of the United States, or any State, the District of Columbia, or other Territory of the United States.’’
This basically protects Americans’ data if the data is owned by a US entity, regardless of where the attack on it was launched from (which was the unoffensive part of Whitehouse’s CFAA amendment). Given what Tom Carper said yesterday, we still need to be vigilant against it returning in conference, but for now this is a solid compromise.