White House raises concerns over CISPA bill
Information sharing without privacy safeguards is a problem, National Security Council spokeswoman says
Computerworld - The White House joined the growing chorus of voices expressing concern over the proposed Cyber Intelligence Sharing and Protection Act (CISPA) legislation that is scheduled for a vote in the U.S. House of Representatives next week.
The bill would allow Internet service providers and Internet companies such as Google and Facebook to collect and share a wide range of user data with the government. Privacy and civil rights groups have blasted the bill , saying it would dismantle privacy protections and enable unprecedented surveillance of online activities under the pretext of cybersecurity.
Any cybersecurity legislation should include strong privacy protections, The Hill quoted Hayden as saying. "The nation's critical infrastructure cyber vulnerabilities will not be addressed by information sharing alone," she said in apparent reference to CISPA.
"Also, while information sharing legislation is an essential component of comprehensive legislation to address critical infrastructure risks, information sharing provisions must include robust safeguards to preserve the privacy and civil liberties of our citizens," Hayden is quoted as saying. "Legislation without new authorities to address our nation's critical infrastructure vulnerabilities, or legislation that would sacrifice the privacy of our citizens in the name of security, will not meet our nation's urgent needs."
Though the statement did not mention CISPA by name, Hayden's references to "information sharing" make clear that she is referring to CISPA because that is the only bill under consideration that calls for extensive sharing of information between the private sector and the government.
The White House's comments add to the crescendo of voices that are calling for CISPA to be stopped or seriously amended. U.S. Reps. Mike Rogers (R-Mich.) and Dutch Ruppersberger (D-Md.) introduced CISPA in the House in November.
The bill is designed to help improve cybersecurity by allowing Internet companies to monitor and collect any information on users that they think might pose a threat to their networks or systems.
Rights groups such as the American Civil Liberties Union, the Electronic Frontier Foundation and the Center for Democracy and Technology maintain that CISPA's ambiguous wording can cause serious problems.
For instance, there's nothing in the language of the bill that would prohibit companies from monitoring private email messages, chat messages and Facebook postings simply by claiming a cybersecurity purpose to the monitoring. They can then share that information with any other entity, including the Department of Homeland Security and the National Security Agency, without judicial oversight. The bill affords Internet companies a great deal of immunity for conducting such information monitoring and sharing.
- Agility & Scalability for Oracle EBS R12 and RAC on VMware vSphere 5 This white paper outlines extensive performance and scalability testing of Oracle EBS applications on a Vblock™ Systems with vSphere 5.
- Oracle and VCE: The Next Step in Integrated Computing Platforms In this ESG Lab review you will learn how a VCE system driven by Oracle, delivers the perfect blend of high performance and...
- Migrate Oracle Apps from RISC/UNIX to Virtualized x86 Ready to move Oracle to a virtualized environment? This brief explains how true converged infrastructure can help you migrate from a RISC/UNIX environment...
- Step Out of the Bull's-Eye Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe.
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their... All Gov't Legislation/Regulation White Papers | Webcasts