CISA bill: Hated by Google, Facebook, Apple, Twitter, Reddit...

U.S. Senate debates bill that few tech companies like

CISA Senate

Well I got this far. When I started, I wasn't even a bill, I was just an idea. Some folks back home decided they wanted a law passed, so they called their local Congressman and he said, "You're right, there ought to be a law." Then he sat down and wrote me out and introduced me to Congress. And I became a bill, and I'll remain a bill until they decide to make me a law.

Credit: ABC

The Cybersecurity Information Sharing Act (CISA) is being debated by the U.S. Senate. But the very companies it purports to protect don't want it.

Organizations such as Wikimedia, Google, Facebook, Apple, Twitter and Reddit are deeply critical—saying it's over-broad, under-protecting, and even unnecessary.

In IT Blogwatch, bloggers call their senators.

curated these bloggy bits for your entertainment.


Patricia Zengerle reports:

The U.S. Senate...began debating a long-delayed bill that would make it easier for corporations to share information about cyber attacks with each other or the government.

But a few lawmakers [and] several big tech companies...oppose it, arguing that it fails to protect users' privacy and does too little to prevent cyber attacks.

The top Republican and Democrat on the Senate Intelligence Committee issued a "fact sheet" defending it, dismissing contentions that it would allow government surveillance.  MORE


Brian Fung adds:

"We don't support the current CISA proposal," Apple said. ... "We don't believe security should come at the expense of [customers'] privacy."

"While it’s important for the public and private sector to share relevant data,"...said Amber Cottle, head of Dropbox global public policy and government affairs, "[it] should not come at the expense of users’ privacy."

In recent days, Yelp, reddit, Twitter and the Wikimedia Foundation — which runs Wikipedia — have all said that they oppose CISA.

A major critic of the legislation, Sen. Ron Wyden (D-Ore.), said..."If you share more information without strong privacy protections, millions of Americans will say, 'That is not a cybersecurity bill. It is a surveillance bill.' "  MORE


What's all the fuss about? Surely the government has our best interests at heart? The EFF's Mark Jaycox explains:

[Its] broad immunity clauses for companies, vague definitions, and aggressive spying powers make [it a] secret surveillance bill.

[And it's] largely redundant. Last year, President Obama signed...EO 13636, directing the...DHS to expand current information sharing programs. In February, he signed another Executive Order encouraging regional cybersecurity information sharing.

DHS would no longer be the lead agency making decisions about the cybersecurity information. ... The bill mandates DHS send information to agencies—like the NSA—"in real-time." The bill also allows companies to bypass DHS. [It's] ripe for improper and over-expansive information sharing. ... Once the information is sent to any government agency (including local law enforcement), it can use the information for reasons other than for cybersecurity.

Existing private rights of action...would be precluded or at least sharply restricted.

It's not a cybersecurity, but a surveillance bill.  MORE


"What are they thinking?" asks Mike Masnick:

Most of the internet industry has recently come out against the ridiculous faux-cybersecurity bill.

The supporters of the bill, such as...Dianne Feinstein and Richard Burr, went on and on about how the bill is "voluntary" and about various online hacks (none of which would have been stopped by CISA). ... Amazingly, Burr [made] a really dishonest and misleading claim that companies that don't agree to "share" information...are the ones harming their users by somehow not protecting their info. That's...laughable.

The claim that this is all "voluntary" is a myth. ... The companies recognize that they will likely be pressured into sharing.

Now would be a good time to call your two Senators and let them know to oppose this.  MORE


Meanwhile, Rob Graham fires both barrels:

CISA [is a] crappy cybersecurity bill you should oppose.

I believe it would have tiny benefit at best...far less than the harm of invading people's privacy and contributing to a cyber police state.  MORE


And Finally...
Schoolhouse Rock!


You have been reading IT Blogwatch by , who curates the best bloggy bits, finest forums, and weirdest websites… so you don't have to. Catch the key commentary from around the Web every morning. Hatemail may be directed to @RiCHi or itbw@richi.uk.
Opinions expressed may not represent those of Computerworld. Ask your doctor before reading. Your mileage may vary. E&OE.

To express your thoughts on Computerworld content, visit Computerworld's Facebook page, LinkedIn page and Twitter stream.
From CIO: 8 Free Online Courses to Grow Your Tech Skills
Shop Tech Products at Amazon
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.