Learn about the government’s latest bill,CISA, which aims to solve cyber crime.
The Cybersecurity Information Sharing Act (CISA) was first introduced to Congress in 2014, and has been re-introduced again in 2015 during the 114th Congress. The bill has passed the Senate Intelligence Committee, but not much has happened with the bill since.
The bill is aimed at making it easier for companies to share security threats with the federal government. If made into law, CISA would not require the sharing of information, but it would create a system for federal agencies to receive security threats from private companies.
There has been a very active debate on this bill. In mid-September 2015 many of the top tech companies sent a letter to legislators in support of the bill’s efforts. These companies include, Adobe, Apple, IBM, Microsoft, Oracle, Salesforce and Symantec.
Several of the companies have spoken out and said they do not necessarily support the specific bill, but they support “stronger cybersecurity protections in general”.
Despite the support for some kind of cybersecurity legislation from some of the top companies in the industry, many companies are opposed to the bill because of privacy concerns.
Fight for the Future has developed a large campaign in opposition to the bill. Fight for the Future’s goal is to: “build a grassroots movement to ensure that everyone can access the Internet’s many resources affordably, free of interference or censorship and with full privacy.”
They have a website called, https://www.youbetrayedus.org/, where you can send an email to the above mentioned companies, about how they’ve betrayed their customers for signing the letter. On their first day alone, they sent out 15,000 emails to the tech companies.
Because of this backlash, the CEO of Salesforce has since come out and said he does not support CISA, and it was a mistake to sign the letter.
Fight for the Future believes that there should be cybersecurity legislation, but it should be fair. These are the issues that they have with the bill:
- The bill offers private companies immunity for privacy and anti-trust laws, to allow information to flow freely. This can include user-information, which the government would now be able to access without any warrant.
- The data being shared is not going to just one agency; it can be shared with the FBI, the IRS and all the way down to local law enforcement.
- If a criminal violation (i.e. money laundering) were exposed/committed while sharing the cybersecurity data, companies would be granted immunity.
- The bill allows companies who have shared data with the government, to access classified information from government agencies. This can include what would otherwise be private information on their competitors.
Many are in agreement that some sort of cybersecurity legislation needs to be passed. It is a growing and prevalent threat to our nation’s security. However, is the CISA the best way to protect ourselves?