- Trump admin celebrates Michelle Obama’s birthday by proposing rollback of her signature initiative Today 4:01 PM
- TSA apologizes after agent grabs indigenous woman’s braids, says ‘giddyup’ Today 3:28 PM
- Blue Bell ice cream licker pleads guilty Today 2:54 PM
- 7 fortune-telling sites for when you’re bored Today 2:21 PM
- Governor bans sex puns on free condom wrappers Today 2:16 PM
- Is Justin Bieber’s ‘Yummy’ video secretly about Pizzagate? Today 1:01 PM
- Woah Vicky rips out her hair in botched cultural appropriation attempt Today 12:30 PM
- Here’s an exclusive look at ‘Weathering With You’ Today 11:57 AM
- TikTok dudes are dipping their balls in soy sauce for ‘science’ Today 11:49 AM
- Pete Buttigieg’s denial of fixing bread prices becomes its own meme Today 11:10 AM
- Houston Astros get torched with buzzer memes after new revelation Today 10:41 AM
- Teens are eating cereal out of each other’s mouths for clout Today 10:34 AM
- Did Martha McSally plan her ‘liberal hack’ viral moment? Today 10:32 AM
- Trump adds Jeffrey Epstein’s old attorney to impeachment team Today 10:03 AM
- YouTube star Cameron Dallas gets scathing reviews for his Broadway debut Today 9:58 AM
Pressure is mounting against a cybersecurity bill that critics say endangers Americans’ privacy while still failing to protect against cyberattacks.
Security researchers this week joined privacy advocates in calling on President Obama to veto the Cybersecurity Information Sharing Act (CISA), which would let private companies share cyberthreat information with the United States government.
With the Senate set to take up CISA as early as Thursday morning, 68 technology professors, systems engineers, and IT consultants have written to Obama urging him not to sign it if it reaches his desk.
“We strongly oppose CISA and we urge you to again defend privacy and civil liberties.”
“CISA fails to address many of the concerns raised about preceding information sharing bills that the administration opposed, and it threatens to undermine privacy and civil liberties and increase cybersurveillance,” the letter says. “We strongly oppose CISA and we urge you to again defend privacy and civil liberties by voicing your opposition and your intention to veto it.”
A broad spectrum of civil-liberties groups, including the American Civil Liberties Union, the Electronic Frontier Foundation, the Government Accountability Project, and Human Rights Watch, also signed the letter. On Monday, several of those groups launched a campaign to inundate lawmakers with anti-CISA faxes.
A White House spokesman declined to comment on the legislation as it was still pending in Congress.
CISA is supposed to help the government and private companies better respond to cyberattacks by making it easier for them to share information about cyberthreats and learn from their mistakes. But the bill’s vague language has privacy groups worried that it could do more harm than good.
The letter from the experts and privacy advocates reminded Obama of his previous veto threats against the Cyber Intelligence Sharing and Protection Act (CISPA), CISA’s failed predecessor. Obama threatened to veto CISPA because of, among other things, inadequate protections for users’ personal information that could be swept up in the data-sharing process. CISA, the letter said, suffered from the same privacy flaws.
“CISA permits companies to leave personal and identifying information in [threat data] it shares with the government unless the company affirmatively knows that the information is not directly related to a threat—a condition that would rarely be met,” the letter said.
The coalition of experts and advocates also took issue with the bill’s language concerning how shared information could be used.
CISA does not specify what kinds of government investigations can use threat data from private businesses. In addition, tech companies are allowed to share data even when they do not believe it relates to a cybersecurity threat. Thus, the letter warned, companies could share data with the government to help it investigate crimes unrelated to the spirit of CISA—crimes that would normally merit stronger data-access protections.
The letter concluded by listing a bevy of other concerns with CISA’s vague language, including its provision letting businesses deploy unspecified and potentially dangerous “countermeasures” in response to cyberattacks.
The tech industry is not unanimously opposed to CISA. The Information Technology Industry Council, a major tech trade group, announced last week that it was urging senators to vote for the bill and said that it would “score” each of their votes in its congressional scorecard.
Photo via The White House/Flickr (PD) | Remix by Jason Reed
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.