Sharing is caring—except when it’s snooping.

The Senate Intelligence Committee on Thursday approved the Cybersecurity Information Sharing and Protection Act, which would facilitate the sharing of information from private companies to the government. The putative reason for the legislation is to stop cyberattacks, but some are concerned it will allow transfers of large amounts of personal information to the government.

The vote was 14-1 with Sen. Ron Wyden (D-Oregon) the lone holdout. “Cyberattacks and hacking against U.S. companies and networks are a serious problem for the American economy and for our national security,” Wyden said in a statement. “It makes sense to encourage private firms to share information about cybersecurity threats. But this information sharing is only acceptable if there are strong protections for the privacy rights of law-abiding American citizens.” Wyden called the bill “a surveillance bill by another name.”

Intelligence Committee chairman Richard Burr (R-North Carolina) wasn’t very reassuring in his defense of the bill’s safeguards. “If [information] finds its way to the federal government, though, once we distribute it in real time and we realize there’s personal information, any company that discovers it has to remove it or minimize it in a way that it can’t be shared anywhere else,” he said, according to Wired.

The final text of the bill hasn’t been released, but in the last version publicly available, the bill would allow the sharing of private sector data with the government that could prevent “terrorism” or an “imminent threat of death or serious bodily harm.” Those concerns go beyond cybersecurity and could allow fishing expeditions by the federal government investigating run-of-the-mill crimes.

As of now, there’s no telling what’s in the final version of the legislation approved by the committee. “This bill has the potential to seriously harm Americans’ privacy rights,” Open Technology Institute privacy counsel Robyn Greene told Wired after the vote Thursday, “and it wasn’t even debated in public.”

This isn’t the first time the committee has passed a bill like this. Last summer, similar legislation was moved to the full Senate, but it died because of concerns that Google, Facebook and other companies would be forced to share personal data with intelligence agencies.

-Steve Straehley

To Learn More:

Senate Advances Controversial Cyber Bill (by Dustin Volz, Government Executive)

CISA Cybersecurity Bill Advances Despite Privacy Concerns (by Andy Greenberg, Wired)

Legislation to Facilitate Cybersecurity Information Sharing: Economic Analysis (by N. Eric Weiss, Congressional Research Service) (pdf)

Is New Cyber Security Bill (CISPA) An End-Run around Privacy Restrictions? (by Noel Brinkerhoff, AllGov)