Before the August recess, Senate leaders agreed to consider at least 22 amendments to the bill, including a manager’s amendment package by Sens.
Advertisement
“The Senate just did a really bad thing”, Techdirt’s Mike Masnick wrote Thursday, and offered a list of the senators he said “just voted to increase surveillance and decrease trust in our internet companies, thereby harming the American economy and innovation”.
Companies can only refuse to share personal information with the government if they’re certain the information is not directly related to a threat. It permits private companies to conduct precisely the same kinds of scans the government now obligates telecoms to do under upstream 702, including data both transiting their systems (which for the telecoms would be transiting their backbone) or stored in its systems (so cloud storage).
Drew Mitnick of Access Now underscores that companies cooperating under CISA aren’t just protected from prosecution; they’re also protected from regulators, in exchange for working collaboratively to collect and report information on user behavior.
It would make it easier for corporations to share information about cyber attacks with each other or the government without fear of lawsuits.
As even the sponsors have acknowledged, this bill will do little to protect Americans from sophisticated hacks.
Sen. Ron Wyden, D-Ore., who has been one of the Senate’s most outspoken privacy advocates, opposes the Cybersecurity Information Sharing Act.
“CISA will bring a much-needed cybersecurity framework between the government and private sector, without granting the government any new authority to monitor or censor private networks”, said the National Association of Manufacturers.
“This legislation in general may clear up information-sharing issues for a few companies, but many companies already have means of sharing threat data with one another if they need to”, he says.
A few of Silicon Valley’s biggest tech firms – including Apple, Google and Twitter – have also come out against the legislation. – Gabe Rottman, legislative counsel in the ACLU Washington Legislative Office ” The Senate voted for a bill that could allow companies to transfer vast amounts of private citizens’ personal data to government databases. Facebook’s quiet lobbying is an example of why Facebook will go down as the most hated tech company in history.
Despite years of pushback from anti-CISA advocates-a coalition that includes a wide range of members, from tech companies to security experts, and the ACLU-President Obama is expected to sign the bill if it passes.
Thus, CISA permits the telecoms to do the kinds of scans they now do for foreign intelligence purposes for cybersecurity purposes in ways that (unlike the upstream 702 usage we know about) would not be required to have a foreign nexus.
Despite being supported by a wide variety of organizations across the political spectrum, the Wyden amendment failed with a vote 41 to 55.
The bill’s passage through the senate was a defeat for digital privacy activists who celebrated the passage in June of a law effectively ending the NSA’s bulk collection of United States call data.
Advertisement
“This legislation creates a cybersecurity information sharing environment that allows participants to get a better understanding of the current cybersecurity threats that may be used against them”, he continued. These included requiring the US Department of Homeland Security to scrub more personal information before forwarding data to other agencies, and to remove the provision that makes sharing people’s records under CISA immune from freedom of information requests.
