A new bipartisan bill introduced on December 12 would grant the Department of Homeland Security’s cyber unit access to ISP information on customers that CISA has identified as “operating vulnerable critical infrastructure.” The CISA would also have the ability to subpoena ISPs for customer information. The CISA would obtain the power to receive information about critical infrastructure through administrative subpoenas, of which the CISA would have to notify the owner of the critical infrastructure within one week of receiving this information, and must destroy it after six months. CISA employees claim that the bill grants the CISA the bare minimum of information necessary, stating that the bill is tailored to protect entity privacy rights.
Read More: New bill gives this Homeland Security agency authority to get ISP info
