Apparently our elected representatives have learned little from the Snowden revelations except to try to go underground to avoid public scrutiny of what they’re up to. They’re still trying to hand over our private information to the government — but now they’re keeping it vewy, vewy quiet.
One of the most underrated benefits of Edward Snowden’s leaks was how they forced the US Congress to shelve the dangerous, privacy-destroying legislation– then known as Cispa – that so many politicians had been so eager to pass under the guise of ‘cybersecurity.’ Now a version of the bill is back, and apparently its authors want to keep you in the dark about it for as long as possible.
Now it’s called the Cybersecurity Information Sharing Act (Cisa), and it is a nightmare for civil liberties.
The Cybersecurity Information Sharing Act of 2014 was released to the public as a discussion draft on June 17, 2014. The full (39 page) discussion draft is below.
According to the Center for Democracy and Technology, which hosts an in-depth analysis at its website,
The bill seems to completely ignore Edward Snowden’s revelations about NSA surveillance within the U.S., and does not contain any new protections for civil liberties to respond to those revelations. In fact, compared to the Cyber Intelligence Sharing and Protection Act (CISPA) that the Senate considered in July 2012, CISA would dismantle many of the privacy protections that had improved the previous CISPA legislation as it moved to the Senate floor.
The Senate’s previous attempts to write its own cybersecurity bill were (supposedly) prompted by privacy concerns, but this new bill may make privacy the only thing irrelevant to national security, since it was written by Saxby Chambliss and Dianne Feinstein, who have been some of the most vocal cheerleaders for the NSA’s recently revealed activities.
The new, 39-page draft bill, written by Sen. Dianne Feinstein (D-Calif.), chairman of the intelligence committee, and Sen. Saxby Chambliss (Ga.), the ranking Republican, states that no lawsuit may be brought against a company for sharing threat data with ‘any other entity or the federal government’ to prevent, investigate or mitigate a cyberattack.
From the Guardian article linked above:
Cisa is what Senator Dianne Feinstein, the bill’s chief backer and the chair of the committee, calls an ‘information-sharing’ law that’s supposed to help the government and tech and telecom companies better hand information back and forth to the government about ‘cyberthreat’ data, such as malware. But in reality, it is written so broadly it would allow companies to hand over huge swaths of your data – including emails and other communications records – to the government with no legal process whatsoever. It would hand intelligence agencies another legal authority to potentially secretly re-interpret and exploit in private to carry out even more surveillance on the American public and citizens around the world.
CISA is intended solely to give the NSA and some companies legal cover for helping the NSA’s surveillance efforts. Thanks to Edward Snowden’s revelations, many companies seem much less willing to help nowadays, but giving those companies blanket protection from liability is a very bad idea. Despite the support of Feinstein and Chambliss, it seems unlikely that the bill will have sufficient support in the overall Senate to pass.
This is only the discussion draft version, and there likely will be many revisions before it comes to the floor for a vote, but it appears that no one involved has learned anything from CISPA’s two failed trips through the House, nor from the new concerns prompted by Ed Snowden’s leaked NSA documents. They’ve just taken it all underground.