- Amy Klobuchar lists net neutrality as part of her 100-day plan for presidency 4 Years Ago
- Reddit just banned the NBA Streams subreddit 4 Years Ago
- How to watch ‘Drunk History’ for free 4 Years Ago
- Netflix’s ‘Unit 42’ soars on the chemistry of its unlikely lead partners Today 7:30 AM
- How to watch ‘Good Trouble’ for free Today 7:00 AM
- It’s time for Pete Buttigieg to claim his status as Short King Today 6:30 AM
- The best foreign-language TV shows on Netflix Today 6:00 AM
- Hasan Minhaj explains why your internet sucks in ‘Patriot Act’ episode, puts it on DVD Monday 8:41 PM
- Hackers got control of Dylan Sprouse’s Twitter account, posted offensive content Monday 7:38 PM
- Twitch is suing the trolls who flooded the platform with porn and Christchurch shooting footage Monday 6:55 PM
- Cat filter turns Pakistani politicians’ press conference into frisky business Monday 6:12 PM
- Couple calls for boycott of dog walker app Wag! after their dog was abducted Monday 5:07 PM
- Trump gets banned from SeekingArrangement because he’s not a ‘real sugar daddy’ Monday 4:17 PM
- InfoWars accidentally sent child porn to lawyers representing Sandy Hook parents Monday 4:12 PM
- Sticker warns men changing diapers about ‘feminization of the American male’ Monday 4:10 PM
Security experts pressure Obama to veto CISA, a cybersecurity bill
‘We urge you to again defend privacy and civil liberties.’
Pressure is mounting against a cybersecurity bill that critics say endangers Americans’ privacy while still failing to protect against cyberattacks.
Security researchers this week joined privacy advocates in calling on President Obama to veto the Cybersecurity Information Sharing Act (CISA), which would let private companies share cyberthreat information with the United States government.
With the Senate set to take up CISA as early as Thursday morning, 68 technology professors, systems engineers, and IT consultants have written to Obama urging him not to sign it if it reaches his desk.
“We strongly oppose CISA and we urge you to again defend privacy and civil liberties.”
“CISA fails to address many of the concerns raised about preceding information sharing bills that the administration opposed, and it threatens to undermine privacy and civil liberties and increase cybersurveillance,” the letter says. “We strongly oppose CISA and we urge you to again defend privacy and civil liberties by voicing your opposition and your intention to veto it.”
A broad spectrum of civil-liberties groups, including the American Civil Liberties Union, the Electronic Frontier Foundation, the Government Accountability Project, and Human Rights Watch, also signed the letter. On Monday, several of those groups launched a campaign to inundate lawmakers with anti-CISA faxes.
A White House spokesman declined to comment on the legislation as it was still pending in Congress.
CISA is supposed to help the government and private companies better respond to cyberattacks by making it easier for them to share information about cyberthreats and learn from their mistakes. But the bill’s vague language has privacy groups worried that it could do more harm than good.
The letter from the experts and privacy advocates reminded Obama of his previous veto threats against the Cyber Intelligence Sharing and Protection Act (CISPA), CISA’s failed predecessor. Obama threatened to veto CISPA because of, among other things, inadequate protections for users’ personal information that could be swept up in the data-sharing process. CISA, the letter said, suffered from the same privacy flaws.
“CISA permits companies to leave personal and identifying information in [threat data] it shares with the government unless the company affirmatively knows that the information is not directly related to a threat—a condition that would rarely be met,” the letter said.
The coalition of experts and advocates also took issue with the bill’s language concerning how shared information could be used.
CISA does not specify what kinds of government investigations can use threat data from private businesses. In addition, tech companies are allowed to share data even when they do not believe it relates to a cybersecurity threat. Thus, the letter warned, companies could share data with the government to help it investigate crimes unrelated to the spirit of CISA—crimes that would normally merit stronger data-access protections.
The letter concluded by listing a bevy of other concerns with CISA’s vague language, including its provision letting businesses deploy unspecified and potentially dangerous “countermeasures” in response to cyberattacks.
The tech industry is not unanimously opposed to CISA. The Information Technology Industry Council, a major tech trade group, announced last week that it was urging senators to vote for the bill and said that it would “score” each of their votes in its congressional scorecard.
Photo via The White House/Flickr (PD) | Remix by Jason Reed
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.