Following the passage in the U.S. Senate on October. 27 of legislation that will enable information-sharing to support cybersecurity, the leading associations of CIOs and CISOs (chief information security officers) in the USA applauded Senate leaders for passage of the bill. However, Fight for the Future notes Facebook has pioneered privacy-invasive experiments in the past, while also supporting previous versions of the cybersecurity info-sharing bills.
Advertisement
Senator Jim Inhofe said the bipartisan Cybersecurity Information Sharing Act would encourage private businesses to voluntarily collaborate with the government on cyber security threats and defenses.
To address privacy concerns, the Senate bill generally requires companies to strip personal information about customers out of the shared data so the government doesn’t end up amassing records on individuals’ behaviors.
The bill appears slated to hit the Senate floor in the coming days.
“Today the Senate took an important bipartisan step toward safeguarding consumers, securing the nation’s critical infrastructure and economy, and protecting our Internet networks”, said National Cable & Telecommunications Association President Michael Powell”. “The trust of our customers means everything to us and we don’t believe security should come at the expense of their privacy”.
Apple, Twitter and Dropbox declined to comment on the passage of the bill, though they all opposed the bill before it’s passage.
After numerous failed starts, the long-stalled measure was seen as likely to win easy approval.
While widely expected to sail through the Senate today, CISA isn’t yet a done deal.
The US Senate is taking action on cyber security. And to make matters potentially worse, the companies can share all user data without a warrant and even offer a backdoor to circumvent any user privacy laws.
The Electronic Frontier Foundation (EFF) is similarly concerned. “It chose to do the wrong thing”.
Sharing information about cyberthreats sounds great – in theory. A few of the recent changes to the bill-such as limiting the government’s use of the data-appeared aimed at easing those concerns. The Wyden amendment would have inserted language to protect personally identifiable information by making companies remove it “to the extent feasible” because personal information doesn’t provide information about cyber threats.
Notably, Sen. Al Franken’s (D-N.Y) had his amendment voted down, one in which he said represented privacy advocates and cybersecurity experts.
Before passing the bill Tuesday afternoon, Senators voted on – and ultimately rejected – a series of amendments that sought to reform the bill’s privacy protections.
“We’ll name the names of people who voted in favor afterwards”. Is yours on the list?
Advertisement
Before Congress can send the bill to President Obama’s desk to be signed into law, the House and Senate must resolve differences between their respective bills, including a discrepancy between incorporating mandatory and voluntary requirements.
