SUE UDRY, sue.udry at defendingdissent.org, @
Executive director of the Bill of Rights Defense Committee/Defending Dissent Foundation, Udry said today: “On Tuesday, the Senate passed the Cybersecurity Information Sharing Act. Civil liberties, consumer rights and privacy groups have been fighting against similar legislation, and defeating it for over five years. Tuesday’s vote comes despite the opposition of tech companies, cyberlaw professors, and hundreds of thousands of everyday people who called, emailed and even faxed their lawmakers in protest.”
The Washington Post reports: “The Obama administration and lawmakers in both parties have been seeking for years to enact information-sharing legislation, and it now seems likely to become law.”
A protest is scheduled for today at 6:30 in front of the Capitol.
Udry added: “Congress just can’t seem to help itself from rushing in with fake solutions to flood the government with our private information in the vain hope of stopping something bad.
“Members of Congress who voted for CISA can’t explain how the bill will protect us from cyber attacks, because it won’t. Instead, the bill offers a ‘you scratch my back, I’ll scratch yours’ deal between corporations and the government that encourages corporations to share massive amounts of private customer information with the government in exchange for legal immunity from lawsuits. No wonder the Chamber of Commerce supports it.
“Beyond the harmful data-sharing provisions, the bill neutralizes the Freedom of Information Act by giving the Senate Select Committee on Intelligence jurisdiction over responses to FOIA requests. This sets a dangerous precedent for further undermining FOIA at the intelligence community’s will. Senator Leahy (D-VT) introduced an amendment to mitigate that provision, which did not pass.”
PATRICK EDDINGTON, PEddington at cato.org
Eddington is policy analyst in homeland security and civil liberties at the Cato Institute. He just tweeted: “Senate Passes CISA, The Surveillance Bill Masquerading As A Cybersecurity Bill; Here’s Who Sold Out Your Privacy [link].”
Eddington recently wrote the piece “Legislative Cyber Threats: CISA’s Not the Only One,” which states: “These bills are classic examples of Washington politicians feeling like they need to ‘do something’ to meet the ‘cyber threat.’ In the case of the OPM [Office of Personnel Management] hack, Congress and the agencies do need to up their cyber defense game — but not by engaging in dubious (if not downright reckless) ‘cyber information sharing’ schemes or offering bills that would actually increase, not decrease, the public’s vulnerability to online threats.
“The OPM hack, like the Sony hack last year, was the product of poor security practices — and the means of preventing those kinds of security failures are well known but insufficiently ingrained in the culture of the affected organizations. The government needs to get the basics of online security right, and stop trying to impose an Orwellian, one-size-fits-all approach to cyber defense for the rest of us.”
