Privacy group calls for changes in CISPA cyberthreat sharing bill
Privacy groups want the House Intelligence Committee to debate the bill in a public session
IDG News Service - U.S. lawmakers need to make significant changes to a controversial cyberthreat information sharing bill because the legislation could be used to give federal intelligence agencies backdoor wiretapping powers, the Center for Democracy and Technology said.
A markup to amend and send the Cyber Intelligence Sharing and Protection Act (CISPA) to the floor of the U.S. House of Representatives may happen as soon as April 10, and the House Intelligence Committee could debate the bill behind closed doors, CDT staffers said Wednesday. About 30 groups, including CDT, the American Civil Liberties Union and the Electronic Frontier Foundation, are calling on the committee to hold an open markup of the bill.
CISPA would allow companies to share cyberthreat information with a broad range of federal agencies, including intelligence agencies, and the agencies could use the shared information for broad national security purposes, said Gregory Nojeim, a senior counsel at CDT.
"I think it's fair to say that a national security use could be most anything that an intelligence agency thinks might be related to national security," he said. "It's what we say risks turning this legislation into a backdoor wiretap."
The bill, as written, also gives lawsuit protections to companies that use cybersecurity systems to collect cyberthreat information without limiting how the companies are obtaining that data, Nojeim said during a media briefing. The language in the bill could potentially give legal protections to companies that hack into other networks in search of cyberthreat information, he said.
"The last place one would think you would find new authority to hack [other networks] would be in cybersecurity legislation," he said.
In addition, CISPA gives legal immunity to companies for any "decisions made based on cyber threat information identified, obtained or shared," potentially giving companies authority to shut down other networks in the name of cyberdefense, Nojeim said.
A spokeswoman for Intelligence Committee Chairman Mike Rogers, a Michigan Republican and lead sponsor of CISPA, said the committee has had regular discussions on CISPA with privacy groups for 18 months.
"During last year's committee markup and open House floor process we incorporated several of their suggestions to tightening up the bill to further cement already robust privacy protections," spokeswoman Susan Phalen said by email. "As we move through this year's committee and House floor process, [the sponsors] are fully committed to continuing that ongoing dialogue and incorporating language into the bill which further puts to rest any misunderstandings about the bill's intent."
Nojeim said he knows of no privacy groups that the committee has a continuing dialog with.
Phalen said she expects an open debate about the bill and amendments when the bill goes to the House floor.
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is email@example.com.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
- Acxiom Case Study This case study, which focuses on Acxiom, explores how the company was able to secure employee data, reduce migration costs and boost productivity...
- Windows® XP Migration: Protect and Secure Critical Data With the end of the Microsoft Windows XP operating system's lifecycle on April 8, 2014, businesses are faced with the decision to migrate...
- Exponentially Accelerate Data Protection and Recovery with Simpana 10 IntelliSnap® Snapshot Management Technology Are you making the best use of your storage array snapshot functionality? CommVault Simpana 10 IntelliSnap technology manages hardware-based snapshots across multiple vendor...
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- Building Tomorrow's Infrastructure Listen to this podcast to discover how Crider Foods worked with PC Connection to update their IT infrastructure, while maintaining compliance and control. All Gov't Legislation/Regulation White Papers | Webcasts