Twitter announced Monday that it opposed a bill to increase the sharing of cyber threat data between government and industry, warning of flaws in the bill’s privacy protections just hours before the first window of opportunity for a Senate vote.
Security+privacy are both priorities for us and therefore we can't support #CISA as written. We hope to see positive changes going forward.— Twitter Public Policy (@Policy) October 20, 2015
Twitter’s opposition to the Cybersecurity Information Sharing Act (CISA) came four days after the Computer and Communications Industry Association, a tech group representing Amazon, Facebook, Google, and other major Silicon Valley companies, announced its opposition to the bill on privacy grounds.
CISA would let private companies share information about cyber threats with government agencies, in the hope that both the public and private sectors could get better at spotting cyberattacks before they happen. But civil-liberties groups are concerned that the bill doesn’t go far enough in requiring companies to strip customers’ personal information from the threat data that they share.
The Senate could begin voting on the bill on Tuesday afternoon, though the full process is likely to take several days due to the number of amendments and the potential for procedural delays.
Over the summer, the Electronic Frontier Foundation and nearly two dozen other privacy groups sent more than 6 million faxes to senators asking them to vote against CISA. Until CCIA announced its opposition on Friday, tech-industry trade groups were mostly in favor of the bill. The Financial Services Roundtable, which represents many of the firms at the greatest risk of cyberattack, renewed its push for CISA in a letter to Congress on Monday.
Sen. Ron Wyden (D-Ore.), who has led congressional opposition to CISA, has introduced several privacy-focused amendments to the bill, including one that would strengthen the language that addresses personal-data removal. Senate leaders have reached an agreement to consider 22 amendments when debate on the bill begins.
CISA’s opponents may not have the votes to prevent the bill from passing a preliminary step known as cloture, which requires either unanimous consent to skip or 60 votes to proceed.
“It will still be an uphill battle to prevent cloture,” a Senate Democratic aide told the Daily Dot in an email. “My sense is that too many members are willing to vote for anything with ‘cybersecurity’ in the title and Chamber of Commerce support.”
Fight for the Future, one of the civil-liberties groups opposing CISA, cheered Twitter’s announcement in a statement released Tuesday.
“Twitter is joining a growing chorus of major technology companies that have recently come out strongly against the latest version of CISA,” the statement read, “echoing concerns from security experts and privacy advocates that CISA would fail to prevent cyber attacks while dramatically expanding government surveillance and undermining user privacy.”
Update 11:17am CT, Oct. 20: Added comment from Senate aide.
Photo via Kevin Krejci/Flickr (CC BY 2.0)