Civil liberties groups: Cyberthreat sharing bill still attacks privacy

The CISPA cyber information-sharing bill could get a vote in the House of Representatives next week, critics say

A bill in the U.S. Congress designed to encourage private companies and government agencies to share cyberthreat information with each other still allows the sharing of vast swaths of private communications, even after sponsors offered to make changes, critics said Tuesday.

The U.S. House of Representatives could vote on the Cyber Intelligence Sharing and Protection Act, or CISPA, next week, but the bill still raises privacy and civil liberties concerns, officials with the Center for Democracy and Technology, the American Civil Liberties Union and the Constitution Project said.

The bill would allow private companies such as Internet service providers to share customer communications with government agencies with few restrictions, the groups said. The bill, sponsored by Representative Mike Rogers, a Michigan Republican, would allow private companies to share the information with any agency, including the U.S. National Security Agency, and allow agencies to use the shared information for a wide range of purposes, as long as there's also a "significant" cybersecurity or national security purpose for sharing the information, the critics said.

It will be easy for the government to find some cybersecurity or national security reason to request information, said James Robertson, a former judge with the Federal Intelligence Surveillance Court. "The government will then have everything, and your history and mine will be history," Robertson said during a briefing before congressional staffers.

Although a draft amendment to the bill requires a significant cybersecurity or national security purpose for sharing the information, those requirements would be a "little speed bump" for aggressive government agencies, said Greg Nojeim, senior counsel at CDT.

In recent days, Rogers and co-sponsor C.A. "Dutch" Ruppersberger, a Maryland Democrat, have circulated a draft amendment to the bill that would put some limits on information that can be shared, but the changes still allow private companies to share nearly all private communications if there's a significant cybersecurity or national security concern attached to the information, representatives of the three civil liberties groups said.

The bill's sponsors have defended the legislation, saying it does not require private companies to share cyberthreat information with government agencies. The bill allows private companies to better protect themselves by sharing information about malicious code and cyberattacks, Rogers said during a press briefing a week ago.

Rogers has called the bill limited in scope. More than 100 lawmakers have co-sponsored the bill, which also has support from Microsoft, Facebook, the U.S. Chamber of Commerce and trade group TechAmerica.

"Every day U.S. businesses are targeted by nation-state actors like China for cyber exploitation and theft," Rogers said last month in a statement. "This consistent and extensive cyber looting results in huge losses of valuable intellectual property, sensitive information, and American jobs."

But the bill remains too broad, representatives of the ACLU, CDT and the Constitution Project said. The bill would allow private companies to share private information with defense and intelligence agencies, including the NSA, with no restrictions on how that information is used once the NSA has it, said Michelle Richardson, legislative counsel with the ACLU.

"It's an American value that the military does not operate on American soil against Americans," she said.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?