A Surveillance Bill by Any Other Name Smells Just As Foul

Update (12/15/15): Some Congressional leaders are reportedly trying to jam cybersecurity legislation into the omnibus spending bill to fund the federal government. That would prevent a full-fledged debate of this controversial legislation and unfairly force members of Congress to swallow a surveillance “cybersecurity” bill as a condition for funding the government. Reports suggest that the cybersecurity provisions that have been snuck into the budget bill borrow heavily from the problematic Cybersecurity Information Sharing Act (see below for more information on CISA), but provide even weaker privacy protections. We urge Congressional leaders to reject the incorporation of cybersecurity legislation to the budget omnibus, and we remain opposed to CISA or any other attempt to pass a surveillance bill under the guise of protecting cybersecurity.

An impressive coalition has formed to oppose a new surveillance bill masquerading as cybersecurity legislation.

Privacy and civil liberties organizations, free market groups, and others from across the political spectrum are joining this week in a common chorus call: Stop CISA.

Proponents of CISA — the Cybersecurity Information Sharing Act — claim the Senate bill would help prevent cyber-crimes by improving information sharing between the government and the private sector. But in reality, CISA only succeeds in expanding government surveillance and weakening privacy while making Americans less secure online. The bill as drafted would have done nothing to stop the high-profile breaches at Sony, Anthem, and, most recently, the Office of Personnel Management, which holds terabytes of sensitive information about millions of government employees.

For several years, certain elements of the business community and national security hawks in Congress have pressed for legislation like CISA. In April, the House passed a package of similar cybersecurity information sharing bills, which were opposed by the ACLU and bevy of other privacy and civil liberties groups, but were in some ways dramatically better than the bill now pending in the Senate.

CISA’s vague language and expansive definitions will give the government new ways to collect and use the personal information and communications of innocent Americans, all without a warrant or any review by an independent court or overseer. CISA would allow companies to share information with the government relating to a “cybersecurity threat,” a term defined so broadly in the bill that it could include huge swaths of emails and text messages.  The handover of user information under CISA would be permitted even if otherwise prohibited by existing data privacy laws, like the Electronic Communications Privacy Act. The law would also give companies broad legal protections even if they improperly share consumer data.

And, perhaps unsurprisingly, the information shared by companies would automatically be forwarded to numerous intelligence, military, and law enforcement agencies, including the NSA and FBI.  

Once in the government’s hands, CISA allows for the shared information to be used in garden-variety law enforcement cases that have nothing to do with cybersecurity. For example, the government could use private emails and messages received from communications providers like Comcast, Facebook, Google, or Verizon to investigate and prosecute whistleblowers who report serious misconduct to the press. That’s a serious concern given that the Obama administration has already prosecuted more national security whistleblowers than all other administrations combined.

As an added bonus for government snoopers, CISA also includes a new exemption to the Freedom of Information Act, which will make it harder for groups like the ACLU to obtain documents from the government to determine how it is using — or misusing — the shared information.  That means, for example, that it could be nearly impossible for us to find out how much private information is flowing from companies to the government or how the government is using it.

And despite CISA’s promise to open the floodgates for private information to flow to the government without any privacy protections, it fails at actually delivering better cybersecurity. As we learned with the hack at the OPM, the government is not a reliable guarantor of data security. Hackers were able to access the personal information of millions of Americans — including Social Security numbers, birthdates, and records about citizens’ finances, health, associations, and even sexual orientation—that applicants for security clearances must disclose to the government. All that additional information would make the government an even more desirable target for cybersnoops and cybercrooks.

CISA is more than just a bad solution to a serious problem. It would actually make cybersecurity worse while compromising basic democratic protections for personal privacy. The Senate must reject this surveillance bill. But if it decides to send this travesty to the president, he should veto the bill, consistent with his past threats against similarly atrocious bills.  

Do your part to Stop CISA.

Add a comment (8)
Read the Terms of Use

Ol' Hippy

Just when you thought it couldn't get any worse, another bill is introduced to keep surveillance in place or more of the same. I guess the good ole USA is gone for good, ( when all we had to do was watch out for the FBI)! Is there any length that the US government will go to to keep a watch on all of us, now the norm? I pine for the good ole days when a protest was actually paid attention to by officials.

Anonymous

The links for "Do your part to Stop CISA" are broken; they need an "http://" at the front of them.

Matthew Harwood

Thanks, Anon. This should be fixed.

Anonymous

The DOJ, NSA, CIA do what ever they want until caught, "It's easier to ask for forgiveness than for permission" is their mantra!

Anonymous

The United States is an oligarchy moving quickly to an Aristocracy. (Case in point, the only people who can get elected must have the last name of Clinton or Bush.) A surveillance apparatus is needed to keep this type of Government in place and so this will happen. There isn't must the ACLU or anyone can do. Remember this is what happens in a godless society.

Anonymous

Where is your God when innocent people are killed by morally bankrupt cops?
He must be at lunch with the government contractor.
You should join them with your hopeless attitude...there is something we can do and complacent bystanders can sit down and shut-up. Tax payers shouldn't be fitting the bill for mismanaged programs that abuse their liberties. Fighting domestic terrorism or semi-retired peeping Tom? It's all the same until we stop being pansies with our tails between our legs.

Anonymous

A friend of mine showed me something she received from The U. S. Census Bureau, requesting that a survey, called the ACS (American Community Service), be filled out. It was addressed to "Resident." But, it said that it was mandated by law, which is what worried her. Sounded a little fishy to me, so I went online, and checked out the site. Talk about information! The questions are numerous, and beyond invasive. Makes other government data collection look like child's play. And, yes, it is mandated by law; the site gives links to actual statutes. It replaces the old census. It's definitely worth checking out.

Anonymous

The "there's nothing we can do" attitude is incorrect.
There is a lot we can do. Covert and overt exposure - just like the unconstitutional surveillance.

A couple pigs and the rest are silent accomplices. What a shame that they have obtained the same level of credibility as the people the cuff.

You'll catch my county officials and local law enforcement in the news soon. Creative exposure...despite 3 years of being treated like Osama.

Sign Up for Breaking News