Pessimism is mounting about the chances that Congress will reauthorize a cyber threat information-sharing law before it’s set to expire at the end of this month — with no clear path for either a temporary or long-term extension.

Industry groups and the Trump administration have put a lot of muscle into renewing the 2015 Cybersecurity Information Sharing Act (CISA 2015), which they say is a vital tool in the fight against malicious hackers because of the legal protections it provides for organizations to share cyber threat data with each other and the government.

But in recent weeks, multiple efforts to re-up the law have failed or been brushed aside:

• The House inserted a two-month extension of CISA 2015 into a continuing resolution to avert a government shutdown, but after the House passed the bill, the Senate voted against the continuing resolution last week. Negotiations about continuing to fund the federal government past the end of this month appear to be at a standstill.
• The Senate Homeland Security and Governmental Affairs Committee had scheduled a markup of legislation last week introduced by Chairman Rand Paul, R-Ky., to extend the law with significant changes that drew bipartisan and industry criticism. The panel then abruptly canceled the markup.
• The top Democrat on Paul’s panel, Gary Peters of Michigan, tried to get an unaltered or “clean” 10-year reauthorization of the expiring law passed on the Senate floor with a unanimous consent motion, but Paul objected without explanation, preventing it from advancing.
• House Homeland Security Chairman Andrew Garbarino, R-N.Y., sought earlier this month to offer his legislation to extend and alter CISA 2015 as an amendment to the House version of the annual defense policy bill, or National Defense Authorization Act (NDAA), but the Rules Committee prohibited the amendment from receiving a vote. (A Senate intelligence policy bill had included a 10-year extension, but when senators folded the intelligence authorization bill into that chamber’s version of the NDAA, Paul objected and got it removed.)

All of that leaves an extension of CISA 2015 without a home, and with a key senator, Paul, likely to stand in the way of swift renewal anytime soon. Under the circumstances, “I bet it does” expire, one industry source said of CISA 2015. 

“I’d be pleasantly surprised if it is continued given Paul’s objection,” the source said.

And that could be a big problem for both lawmakers and private-sector organizations.

While it’s unclear exactly how even a temporary lapse in the law might affect cyber information sharing, some have offered dire predictions about how bad it will be. In the legal community, “if you’re giving people a reason not to do something, they won’t do it,” said another industry source. 

If there’s a big breach during a time when the law has expired, the political risks increase, because cyberattack victims are likely to blame the lapse for what happens, said the source, who has extensive cybersecurity policy experience.

Best hopes (until recently)

Advocates had long pinned their hopes that a temporary two-year CISA 2015 renewal would be included in the continuing resolution (CR), given the urgency to avoid a government shutdown and the fact that the law was sent to expire when the fiscal year ends gave Congress a perfect opportunity. The House GOP’s inclusion of that short-term extension language in the CR — and Democrats’ support for it in their own proposal — indicated widespread support for the idea. The CR passed 217-212.

Senate leaders have a tradition of honoring objections on policy matters from the heads of the committees with jurisdiction over those topics when they are up for consideration in other bills. But multiple observers told CyberScoop that they interpreted the inclusion of the CISA 2015 law extension in the House CR as a sign that Senate leaders were prepared to ignore objections from Paul in this case. 

Besides lawmakers and private-sector groups, the Trump administration has been pressing for renewal. Industry and Senate sources say that new National Cyber Director Sean Cairncross has been especially focused on selling lawmakers on the need for action on CISA 2015.

But temporary renewal is now a casualty of the broader fight over a government shutdown, with the Senate voting 44-48 against the CR.

Paul complications

Earlier this month, the House Homeland Security Committee approved Garbarino’s bill to renew CISA 2015 for 10 years by a vote of 25-0. While Democrats questioned whether the legislation should’ve included any changes to the law rather than a “clean” reauthorization, Garbarino’s changes themselves garnered no significant opposition.

That wasn’t the case for the version Paul sponsored and that was scheduled for vote in his committee last week, which would have provided a two-year reauthorization. Industry groups objected to the Paul legislation striking provisions of the 2015 law that provided protections related to cyber threat data sharing with the federal government against disclosure from Freedom of Information Act requests. They opposed a section that would get rid of the law’s section on federal preemption, under which the law supersedes state laws and regulations.

Democrats also raised concerns about several key definitions in the law, including those related to the rules for  how companies can use defensive measures. According to Senate aides who spoke with CyberScoop, these changes could leave small- and medium-sized businesses particularly vulnerable. Combined with the other industry objections, the aides said, Paul’s bill would have functionally ended private sector information sharing with the government.

Industry is wary of major changes to CISA 2015 in general.

“The fact is that over the last 10 years, it’s been an effective way for the private sector to share information, which is a key ingredient in improving cybersecurity, and we should just be very careful while making changes to something that is working pretty well,” said Henry Young, senior director of policy for Business Software Alliance.

A section of the legislation that Paul wrote on free speech protections also created questions.  Five Senate and industry sources told CyberScoop that Paul canceled the markup because Senate Republican panel members planned amendments that would have, with somewhat different approaches, stripped Paul’s changes in favor of a “clean” reauthorization. 

Spokespeople for senators that sources said were behind those amendments, Joni Ernst of Iowa and Bernie Moreno of Ohio, did not respond to requests for comment.

A spokesperson for Paul disputed what the sources told CyberScoop about the reason for the cancellation.

“The characterization of the cancellation of the markup is false,” said the spokesperson, Gabrielle Lipsky. “The Democrats, who are not negotiating in good faith, asked for more time.”

Peters said in a Senate floor speech Friday that it was “disappointing” that Paul canceled the markup, and that “we were blocked from even having a discussion about the policy or draft legislation.”

Constituents in Paul’s home state have lobbied him on the importance of a “clean” reauthorization of CISA 2015; Paul’s public remarks about extension of the law have largely focused on passing a bill that includes additional guarantees on free speech.

“We make this request respecting your determination to protect Americans’ privacy and freedom of speech from censorship and intimidation by federal government employees, and we share those concerns,” a number of Kentucky business groups wrote to Paul in a Sept. 17 letter advocating for a “clean” extension. “We would welcome the opportunity to work with you to increase privacy and censorship protections in other legislation.” 

Peters asked for unanimous consent Friday for the Senate to advance a 10-year reauthorization. Paul said only, “I object,” thus blocking the renewal effort from Peters.

“Congress must pass an extension of these cybersecurity protections and prevent a lapse that would completely undercut our cybersecurity defenses and expose critical sectors to preventable attacks,” Peters said in a statement to CyberScoop. “These liability protections ensure trusted, rapid information sharing between the private sector and government to quickly detect, prevent, and respond to cybersecurity threats. I’m continuing to work toward a bipartisan, bicameral deal that will renew these protections for the long-term, but we cannot afford to let these critical cybersecurity protections expire at the end of the month.”

Other avenues

A common hope among advocates was that after a short-term extension became law as part of the CR, a longer-term extension would be included in the NDAA, which often passes toward the end of each calendar year or the start of the next.

But hopes for that diminished after actions in both the House and Senate. In the Senate, the Intelligence Committee had included a 10-year renewal in its annual intelligence authorization bill. That legislation was then included in the Senate version of the NDAA, but sources on and off the Hill told CyberScoop that Paul objected to inclusion of the CISA 2015 extension, so it was removed.

And the Rules Committee decided on Sept. 9 that Garbarino’s CISA 2015 renewal amendment wasn’t germane, thus preventing him from offering it during debate on the House floor about the NDAA. One day later, the House passed its version of the NDAA, 231-196.

The next steps for CISA 2015 reauthorization are unclear. Paul’s office did not respond to a question about his future plans for renewing CISA 2015.

Options for a short-term renewal are limited for now to whatever congressional leaders do to try to revive or replace a CR, but the timeline for doing so before CISA 2015 expires is exceptionally tight. Options for a long-term renewal might include an amendments package for the Senate version of the NDAA, since the full Senate has yet to take up its bill.

CISA 2015 “must not lapse on September 30, 2025. Allowing it to expire will create a significantly more hostile security environment for the U.S.,” Matthew Eggers, vice president of cybersecurity policy in the cyber, intelligence, and security division at the U.S. Chamber of Commerce, told CyberScoop in a written statement. “The Chamber advocates for a multi-year reauthorization of this vital law. Short-term extensions are counterproductive. Both the private sector and the government need certainty, including the ability to allocate resources for long-term cybersecurity planning and implementation. House and Senate leaders and the Trump administration have expressed strong support for reauthorizing CISA 2015.”

The post Cyber threat information law hurtles toward expiration, with poor prospects for renewal appeared first on CyberScoop.

“Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.” -U.S. Constitution, First Amendment.

In an address to Congress this month, President Trump claimed he had “brought free speech back to America.” But barely two months into his second term, the president has waged an unprecedented attack on the First Amendment rights of journalists, students, universities, government workers, lawyers and judges.

This story explores a slew of recent actions by the Trump administration that threaten to undermine all five pillars of the First Amendment to the U.S. Constitution, which guarantees freedoms concerning speech, religion, the media, the right to assembly, and the right to petition the government and seek redress for wrongs.

THE RIGHT TO PETITION

The right to petition allows citizens to communicate with the government, whether to complain, request action, or share viewpoints — without fear of reprisal. But that right is being assaulted by this administration on multiple levels. For starters, many GOP lawmakers are now heeding their leadership’s advice to stay away from local town hall meetings and avoid the wrath of constituents affected by the administration’s many federal budget and workforce cuts.

Another example: President Trump recently fired most of the people involved in processing Freedom of Information Act (FOIA) requests for government agencies. FOIA is an indispensable tool used by journalists and the public to request government records, and to hold leaders accountable.

The biggest story by far this week was the bombshell from The Atlantic editor Jeffrey Goldberg, who recounted how he was inadvertently added to a Signal group chat with National Security Advisor Michael Waltz and 16 other Trump administration officials discussing plans for an upcoming attack on Yemen.

One overlooked aspect of Goldberg’s incredible account is that by planning and coordinating the attack on Signal — which features messages that can auto-delete after a short time — administration officials were evidently seeking a way to avoid creating a lasting (and potentially FOIA-able) record of their deliberations.

“Intentional or not, use of Signal in this context was an act of erasure—because without Jeffrey Goldberg being accidentally added to the list, the general public would never have any record of these communications or any way to know they even occurred,” Tony Bradley wrote this week at Forbes.

Petitioning the government, particularly when it ignores your requests, often requires challenging federal agencies in court. But that becomes far more difficult if the most competent law firms start to shy away from cases that may involve crossing the president and his administration.

On March 22, the president issued a memorandum that directs heads of the Justice and Homeland Security Departments to “seek sanctions against attorneys and law firms who engage in frivolous, unreasonable and vexatious litigation against the United States,” or in matters that come before federal agencies.

The POTUS recently issued several executive orders railing against specific law firms with attorneys who worked legal cases against him. On Friday, the president announced that the law firm of Skadden, Arps, Slate, Meager & Flom had agreed to provide $100 million in pro bono work on issues that he supports.

Trump issued another order naming the firm Paul, Weiss, Rifkind, Wharton & Garrison, which ultimately agreed to pledge $40 million in pro bono legal services to the president’s causes.

Other Trump executive orders targeted law firms Jenner & Block and WilmerHale, both of which have attorneys that worked with special counsel Robert Mueller on the investigation into Russian interference in the 2016 election. But this week, two federal judges in separate rulings froze parts of those orders.

“There is no doubt this retaliatory action chills speech and legal advocacy, and that is qualified as a constitutional harm,” wrote Judge Richard Leon, who ruled against the executive order targeting WilmerHale.

President Trump recently took the extraordinary step of calling for the impeachment of federal judges who rule against the administration. Trump called U.S. District Judge James Boasberg a “Radical Left Lunatic” and urged he be removed from office for blocking deportation of Venezuelan alleged gang members under a rarely invoked wartime legal authority.

In a rare public rebuke to a sitting president, U.S. Supreme Court Justice John Roberts issued a statement on March 18 pointing out that “For more than two centuries, it has been established that impeachment is not an appropriate response to disagreement concerning a judicial decision.”

The U.S. Constitution provides that judges can be removed from office only through impeachment by the House of Representatives and conviction by the Senate. The Constitution also states that judges’ salaries cannot be reduced while they are in office.

Undeterred, House Speaker Mike Johnson this week suggested the administration could still use the power of its purse to keep courts in line, and even floated the idea of wholesale eliminating federal courts.

“We do have authority over the federal courts as you know,” Johnson said. “We can eliminate an entire district court. We have power of funding over the courts, and all these other things. But desperate times call for desperate measures, and Congress is going to act, so stay tuned for that.”

FREEDOM OF ASSEMBLY

President Trump has taken a number of actions to discourage lawful demonstrations at universities and colleges across the country, threatening to cut federal funding for any college that supports protests he deems “illegal.”

A Trump executive order in January outlined a broad federal crackdown on what he called “the explosion of antisemitism” on U.S. college campuses. This administration has asserted that foreign students who are lawfully in the United States on visas do not enjoy the same free speech or due process rights as citizens.

Reuters reports that the acting civil rights director at the Department of Education on March 10 sent letters to 60 educational institutions warning they could lose federal funding if they don’t do more to combat anti-semitism. On March 20, Trump issued an order calling for the closure of the Education Department.

Meanwhile, U.S. Immigration and Customs Enforcement (ICE) agents have been detaining and trying to deport pro-Palestinian students who are legally in the United States. The administration is targeting students and academics who spoke out against Israel’s attacks on Gaza, or who were active in campus protests against U.S. support for the attacks. Secretary of State Marco Rubio told reporters Thursday that at least 300 foreign students have seen their visas revoked under President Trump, a far higher number than was previously known.

In his first term, Trump threatened to use the national guard or the U.S. military to deal with protesters, and in campaigning for re-election he promised to revisit the idea.

“I think the bigger problem is the enemy from within,” Trump told Fox News in October 2024. “We have some very bad people. We have some sick people, radical left lunatics. And I think they’re the big — and it should be very easily handled by, if necessary, by National Guard, or if really necessary, by the military, because they can’t let that happen.”

This term, Trump acted swiftly to remove the top judicial advocates in the armed forces who would almost certainly push back on any request by the president to use U.S. soldiers in an effort to quell public protests, or to arrest and detain immigrants. In late February, the president and Defense Secretary Pete Hegseth fired the top legal officers for the military services — those responsible for ensuring the Uniform Code of Military Justice is followed by commanders.

Military.com warns that the purge “sets an alarming precedent for a crucial job in the military, as President Donald Trump has mused about using the military in unorthodox and potentially illegal ways.” Hegseth told reporters the removals were necessary because he didn’t want them to pose any “roadblocks to orders that are given by a commander in chief.”

FREEDOM OF THE PRESS

President Trump has sued a number of U.S. news outlets, including 60 Minutes, CNN, The Washington Post, The New York Times and other smaller media organizations for unflattering coverage.

In a $10 billion lawsuit against 60 Minutes and its parent Paramount, Trump claims they selectively edited an interview with former Vice President Kamala Harris prior to the 2024 election. The TV news show last month published transcripts of the interview at the heart of the dispute, but Paramount is reportedly considering a settlement to avoid potentially damaging its chances of winning the administration’s approval for a pending multibillion-dollar merger.

The president sued The Des Moines Register and its parent company, Gannett, for publishing a poll showing Trump trailing Harris in the 2024 presidential election in Iowa (a state that went for Trump). The POTUS also is suing the Pulitzer Prize board over 2018 awards given to The New York Times and The Washington Post for their coverage of purported Russian interference in the 2016 election.

Whether or not any of the president’s lawsuits against news organizations have merit or succeed is almost beside the point. The strategy behind suing the media is to make reporters and newsrooms think twice about criticizing or challenging the president and his administration. The president also knows some media outlets will find it more expedient to settle.

Trump also sued ABC News and George Stephanopoulos for stating that the president had been found liable for “rape” in a civil case [Trump was found liable of sexually abusing and defaming E. Jean Carroll]. ABC parent Disney settled that claim by agreeing to donate $15 million to the Trump Presidential Library.

Following the attack on the U.S. Capitol on Jan. 6, 2021, Facebook blocked President Trump’s account. Trump sued Meta, and after the president’s victory in 2024 Meta settled and agreed to pay Trump $25 million: $22 million would go to his presidential library, and the rest to legal fees. Meta CEO Mark Zuckerberg also announced Facebook and Instagram would get rid of fact-checkers and rely instead on reader-submitted “community notes” to debunk disinformation on the social media platform.

Brendan Carr, the president’s pick to run the Federal Communications Commission (FCC), has pledged to “dismantle the censorship cartel and restore free speech rights for everyday Americans.” But on January 22, 2025, the FCC reopened complaints against ABC, CBS and NBC over their coverage of the 2024 election. The previous FCC chair had dismissed the complaints as attacks on the First Amendment and an attempt to weaponize the agency for political purposes.

According to Reuters, the complaints call for an investigation into how ABC News moderated the pre-election TV debate between Trump and Biden, and appearances of then-Vice President Harris on 60 Minutes and on NBC’s “Saturday Night Live.”

Since then, the FCC has opened investigations into NPR and PBS, alleging that they are breaking sponsorship rules. The Center for Democracy & Technology (CDT), a think tank based in Washington, D.C., noted that the FCC is also investigating KCBS in San Francisco for reporting on the location of federal immigration authorities.

“Even if these investigations are ultimately closed without action, the mere fact of opening them – and the implicit threat to the news stations’ license to operate – can have the effect of deterring the press from news coverage that the Administration dislikes,” the CDT’s Kate Ruane observed.

Trump has repeatedly threatened to “open up” libel laws, with the goal of making it easier to sue media organizations for unfavorable coverage. But this week, the U.S. Supreme Court declined to hear a challenge brought by Trump donor and Las Vegas casino magnate Steve Wynn to overturn the landmark 1964 decision in New York Times v. Sullivan, which insulates the press from libel suits over good-faith criticism of public figures.

The president also has insisted on picking which reporters and news outlets should be allowed to cover White House events and participate in the press pool that trails the president. He barred the Associated Press from the White House and Air Force One over their refusal to call the Gulf of Mexico by another name.

And the Defense Department has ordered a number of top media outlets to vacate their spots at the Pentagon, including CNN, The Hill, The Washington Post, The New York Times, NBC News, Politico and National Public Radio.

“Incoming media outlets include the New York Post, Breitbart, the Washington Examiner, the Free Press, the Daily Caller, Newsmax, the Huffington Post and One America News Network, most of whom are seen as conservative or favoring Republican President Donald Trump,” Reuters reported.

FREEDOM OF SPEECH

Shortly after Trump took office again in January 2025, the administration began circulating lists of hundreds of words that government staff and agencies shall not use in their reports and communications.

The Brookings Institution notes that in moving to comply with this anti-speech directive, federal agencies have purged countless taxpayer-funded data sets from a swathe of government websites, including data on crime, sexual orientation, gender, education, climate, and global development.

The New York Times reports that in the past two months, hundreds of terabytes of digital resources analyzing data have been taken off government websites.

“While in many cases the underlying data still exists, the tools that make it possible for the public and researchers to use that data have been removed,” The Times wrote.

On Jan. 27, Trump issued a memo (PDF) that paused all federally funded programs pending a review of those programs for alignment with the administration’s priorities. Among those was ensuring that no funding goes toward advancing “Marxist equity, transgenderism, and green new deal social engineering policies.”

According to the CDT, this order is a blatant attempt to force government grantees to cease engaging in speech that the current administration dislikes, including speech about the benefits of diversity, climate change, and LGBTQ issues.

“The First Amendment does not permit the government to discriminate against grantees because it does not like some of the viewpoints they espouse,” the CDT’s Ruane wrote. “Indeed, those groups that are challenging the constitutionality of the order argued as much in their complaint, and have won an injunction blocking its implementation.”

On January 20, the same day Trump issued an executive order on free speech, the president also issued an executive order titled “Reevaluating and Realigning United States Foreign Aid,” which froze funding for programs run by the U.S. Agency for International Development (USAID). Among those were programs designed to empower civil society and human rights groups, journalists and others responding to digital repression and Internet shutdowns.

According to the Electronic Frontier Foundation (EFF), this includes many freedom technologies that use cryptography, fight censorship, protect freedom of speech, privacy and anonymity for millions of people around the world.

“While the State Department has issued some limited waivers, so far those waivers do not seem to cover the open source internet freedom technologies,” the EFF wrote about the USAID disruptions. “As a result, many of these projects have to stop or severely curtail their work, lay off talented workers, and stop or slow further development.”

On March 14, the president signed another executive order that effectively gutted the U.S. Agency for Global Media (USAGM), which oversees or funds media outlets including Radio Free Europe/Radio Liberty and Voice of America (VOA). The USAGM also oversees Radio Free Asia, which supporters say has been one of the most reliable tools used by the government to combat Chinese propaganda.

But this week, U.S. District Court Judge Royce Lamberth, a Reagan appointee, temporarily blocked USAGM’s closure by the administration.

“RFE/RL has, for decades, operated as one of the organizations that Congress has statutorily designated to carry out this policy,” Lamberth wrote in a 10-page opinion. “The leadership of USAGM cannot, with one sentence of reasoning offering virtually no explanation, force RFE/RL to shut down — even if the President has told them to do so.”

FREEDOM OF RELIGION

The Trump administration rescinded a decades-old policy that instructed officers not to take immigration enforcement actions in or near “sensitive” or “protected” places, such as churches, schools, and hospitals.

That directive was immediately challenged in a case brought by a group of Quakers, Baptists and Sikhs, who argued the policy reversal was keeping people from attending services for fear of being arrested on civil immigration violations. On Feb. 24, a federal judge agreed and blocked ICE agents from entering churches or targeting migrants nearby.

The president’s executive order allegedly addressing antisemitism came with a fact sheet that described college campuses as “infested” with “terrorists” and “jihadists.” Multiple faith groups expressed alarm over the order, saying it attempts to weaponize antisemitism and promote “dehumanizing anti-immigrant policies.”

The president also announced the creation of a “Task Force to Eradicate Anti-Christian Bias,” to be led by Attorney General Pam Bondi. Never mind that Christianity is easily the largest faith in America and that Christians are well-represented in Congress.

The Rev. Paul Brandeis Raushenbush, a Baptist minister and head of the progressive Interfaith Alliance, issued a statement accusing Trump of hypocrisy in claiming to champion religion by creating the task force.

“From allowing immigration raids in churches, to targeting faith-based charities, to suppressing religious diversity, the Trump Administration’s aggressive government overreach is infringing on religious freedom in a way we haven’t seen for generations,” Raushenbush said.

A statement from Americans United for Separation of Church and State said the task force could lead to religious persecution of those with other faiths.

“Rather than protecting religious beliefs, this task force will misuse religious freedom to justify bigotry, discrimination, and the subversion of our civil rights laws,” said Rachel Laser, the group’s president and CEO.

Where is President Trump going with all these blatant attacks on the First Amendment? The president has made no secret of his affection for autocratic leaders and “strongmen” around the world, and he is particularly enamored with Hungary’s far-right Prime Minister Viktor Orbán, who has visited Trump’s Mar-a-Lago resort twice in the past year.

A March 15 essay in The Atlantic by Hungarian investigative journalist András Pethő recounts how Orbán rose to power by consolidating control over the courts, and by building his own media universe while simultaneously placing a stranglehold on the independent press.

“As I watch from afar what’s happening to the free press in the United States during the first weeks of Trump’s second presidency — the verbal bullying, the legal harassment, the buckling by media owners in the face of threats — it all looks very familiar,” Pethő wrote. “The MAGA authorities have learned Orbán’s lessons well.”