On Tuesday, the U.S. Senate passed the Cybersecurity Information Sharing Act—a bill that expands protections to companies that choose to share cybersecurity data with the government. A Wall Street Journal editorial described the bill’s concept: “Let private businesses share information with each other, and with the government, to better fight an escalating and constantly evolving cyber threat.”

Critics argue that the bill doesn’t address the real problems facing the country’s cybersecurity systems. In fact, an open letter from cyberlaw and cybersecurity professors characterizes the bill as “a classic ‘let’s do something’ law.” The letter argues that the bill will “weaken privacy and encourage governmental surveillance, with little upside for the public.”

At the very least, the bill’s overwhelming passage in the Senate—by a 74 to 21 vote with strong bipartisan support—indicates that lawmakers from both parties recognize the seriousness of the issue.

The House has passed similar information-sharing measures already—congress must reconcile the bills before presenting a final version for the President’s signature.