- Ariana Grande’s new single ‘7 Rings’ has Twitter feeling broke 3 Years Ago
- The end of an era: RIP, Critique My Dick Pic 3 Years Ago
- Mastodon is crumbling—and many blame its creator 3 Years Ago
- ‘Star Trek: Discovery’ hints at Spock’s new role in the season 2 premiere 3 Years Ago
- How to watch ‘Rachel Maddow’ online for free Today 5:30 AM
- Guy who wants to fund the border wall has privately raised $7 million Thursday 8:41 PM
- Mortal Kombat 11 trailer delights fans with gory fatalities, new characters Thursday 5:46 PM
- What you need to know about the data breach involving 773 email addresses Thursday 5:13 PM
- Senators fear government shutdown may affect FTC investigation of Facebook Thursday 3:43 PM
- Buy beer for a furloughed government worker with this new website Thursday 3:19 PM
- Alexandria Ocasio-Cortez is teaching Congress how to tweet Thursday 2:42 PM
- Congressmen held genetics meeting with Chuck Johnson, despite his past racist claims about genetics Thursday 2:26 PM
- Female bodyguard thriller ‘Close’ is disappointingly un-thrilling Thursday 2:01 PM
- Twitter faces backlash for insensitive ‘triggers’ joke Thursday 1:13 PM
- 10 user-recommended sites for live tarot readings that are almost too good to be true Thursday 12:08 PM
Security experts pressure Obama to veto CISA, a cybersecurity bill
‘We urge you to again defend privacy and civil liberties.’
Pressure is mounting against a cybersecurity bill that critics say endangers Americans’ privacy while still failing to protect against cyberattacks.
Security researchers this week joined privacy advocates in calling on President Obama to veto the Cybersecurity Information Sharing Act (CISA), which would let private companies share cyberthreat information with the United States government.
With the Senate set to take up CISA as early as Thursday morning, 68 technology professors, systems engineers, and IT consultants have written to Obama urging him not to sign it if it reaches his desk.
“We strongly oppose CISA and we urge you to again defend privacy and civil liberties.”
“CISA fails to address many of the concerns raised about preceding information sharing bills that the administration opposed, and it threatens to undermine privacy and civil liberties and increase cybersurveillance,” the letter says. “We strongly oppose CISA and we urge you to again defend privacy and civil liberties by voicing your opposition and your intention to veto it.”
A broad spectrum of civil-liberties groups, including the American Civil Liberties Union, the Electronic Frontier Foundation, the Government Accountability Project, and Human Rights Watch, also signed the letter. On Monday, several of those groups launched a campaign to inundate lawmakers with anti-CISA faxes.
A White House spokesman declined to comment on the legislation as it was still pending in Congress.
CISA is supposed to help the government and private companies better respond to cyberattacks by making it easier for them to share information about cyberthreats and learn from their mistakes. But the bill’s vague language has privacy groups worried that it could do more harm than good.
The letter from the experts and privacy advocates reminded Obama of his previous veto threats against the Cyber Intelligence Sharing and Protection Act (CISPA), CISA’s failed predecessor. Obama threatened to veto CISPA because of, among other things, inadequate protections for users’ personal information that could be swept up in the data-sharing process. CISA, the letter said, suffered from the same privacy flaws.
“CISA permits companies to leave personal and identifying information in [threat data] it shares with the government unless the company affirmatively knows that the information is not directly related to a threat—a condition that would rarely be met,” the letter said.
The coalition of experts and advocates also took issue with the bill’s language concerning how shared information could be used.
CISA does not specify what kinds of government investigations can use threat data from private businesses. In addition, tech companies are allowed to share data even when they do not believe it relates to a cybersecurity threat. Thus, the letter warned, companies could share data with the government to help it investigate crimes unrelated to the spirit of CISA—crimes that would normally merit stronger data-access protections.
The letter concluded by listing a bevy of other concerns with CISA’s vague language, including its provision letting businesses deploy unspecified and potentially dangerous “countermeasures” in response to cyberattacks.
The tech industry is not unanimously opposed to CISA. The Information Technology Industry Council, a major tech trade group, announced last week that it was urging senators to vote for the bill and said that it would “score” each of their votes in its congressional scorecard.
Photo via The White House/Flickr (PD) | Remix by Jason Reed
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.