The Senate Intelligence Committee voted 12-3 Tuesday to send a new cybersecurity bill to the full Senate, but the bill could strip average people's privacy rights as they share information over the digital highway.
The bill is known as the Cyber Information Sharing Act (CISA), and it now heads to the Senate for a debate and possible vote, but some politicians and privacy rights groups are concerned that the bill won't protect average Americans.
CISA is not the first cybersecurity bill. In 2012, Congress was considering the Cyber Information Sharing and Protection Act (CISPA), but it died because it did not do enough to safeguard people's privacy, The Economist reported.
CISA's promoters say this bill is different. CISA is sponsored and written by Senate Intelligence Committee Chair Dianne Feinstein, D-CA. The bill includes "a new requirement for sharing information on 'cyber threat indicators,'" The Verge reported. Companies report such indicators to the government, and agencies must share that information. The NSA "would be given a more central role in threat management under the new scheme," the site reported. Once the report was made, the agencies would check, and the company would be "encouraged to monitor their networks to gather more information about the threat."
However, some contend that CISA is too broad and gives agencies unilateral control over digital information. In the wake of the Julian Assange and Edward Snowden leaks, some agencies might want to put a lid on how much information gets out and how much they control.
Protecting the public against foreign, domestic and now digital threats at all cost is one way to do it, but some CISA critics say the bill is just another way to generally spy on the public. The Center for Democracy in Technology admonishes CISA, calling it a loophole that turns the cybersecurity program into a "back door wiretap," The Verge reported. The Electronic Frontier Foundation also found fault with the bill.
The bill's wording could make it open to interpretation. Critics are concerned that its language could open the door to checking people's criminal history, which might not be connected to a cyber threat, The Economist reported.
EFF legislative analyst Mark Jaycox said that "any cyber-security bill must acknowledge what we've learned by incorporating robust privacy protections and robust transparency protections," The Economist reported. Jaycox further states that CISA "does neither."
Some politicians agree with Jaycox. Intelligence Committee Democrats Ron Wyden and Mark Udall, who voted against the draft bill, issued a joint statement castigating its implications: "It [CISA] lacks adequate protections for the privacy rights of law-abiding Americans," The Economist reported they said.