Tuesday, the Senate Select Committee passed the Cyber Information Security Act (CISA) by a vote of 12-3. This clears another hurdle in the path toward consideration by the body of the Senate.
CISA is in large part a substantially similar redux of other Internet-security bills that have been knocked around by Congress over the years. Last year, for example, a controversial cousin of CISA called the Cyber Information Sharing and Protection Act (CISPA) made it through the House of Representatives. It couldn’t survive Senate scrutiny, however, and died amid allegations of privacy privations.
“The Cybersecurity Information Sharing Act (CISA),” reports Julian Hattem from The Hill, “makes it possible for companies and government agencies to share information about possible hackers and security weaknesses with each other, which advocates say is critical to make sure that blind spots aren’t left untended for long.”
One of the new bill’s sponsors, Senate Intelligence Chair Dianne Feinstein (D-Calif.), believes that the measure would facilitate the effort of government and business to combat cyber-attacks by easing the exchange of critical data between the two entities.
VPN Creative reports that Feinstein said, “Every week, we hear about the theft of personal information from retailers and trade secrets from innovative businesses, as well as ongoing efforts by foreign nations to hack government networks ... this bill is an important step toward curbing these dangerous cyber-attacks.”
Privacy groups, however, know a government power grab when they see one.
After the bill passed out of committee, the Electronic Frontier Foundation (EFF) joined a group of 35 civil society organizations, companies, and security experts that sent a letter appealing to President Obama to veto CISA (S. 2588). The letter states:
CISA fails to offer a comprehensive solution to cybersecurity threats. Further, the bill contains inadequate protections for privacy and civil liberties. Accordingly, we request that you promptly pledge to veto CISA. We also request that you issue a similar veto threat for any future legislation that takes a similar approach on information sharing. A robust approach to cybersecurity is necessary to protect the security of the internet and those who use it.
The letter goes on to point out that this latest incarnation of an Internet control bill makes little more than “cosmetic changes to CISPA":
Click here to read the entire article.