WASHINGTON, DC — On Tuesday, the Senate Select Committee on Intelligence met to consider the Cybersecurity Information Sharing Act of 2014 (CISA). New America’s Open Technology Institute (OTI) raised significant privacy and civil liberties concerns with the original bill in a detailed analysis and accompanying blog post, as well as in two coalition letters signed by a diverse group of organizations (available here and here). Nonetheless, the Committee approved a bill that failed to address OTI’s most significant privacy concerns.
Robyn Greene, Policy Counsel on surveillance and cybersecurity at OTI, had the following comments on the Senate Intelligence Committee's cyber bill, CISA:
“Despite broad opposition to the bill, and in the face of a year of revelations about how the NSA violates Americans’ privacy, the Senate Intelligence Committee passed CISA without making the significant changes needed to better protect our privacy and guarantee civilian control over our government’s domestic cybersecurity programs.
Instead, the Committee approved a bill that authorizes automatic information sharing with the NSA. The bill doesn’t even require companies to make an affirmative effort to identify and strip their customers’ personal information before sharing it with the government. It also authorizes companies and the government to engage in dangerous countermeasures. And then it leaves Americans without any legal recourse if they are harmed by a company that negligently monitors their activities or shares their information, or retaliates against a suspected threat.
Ultimately, CISA remains a huge step back on privacy, and like CISPA, is a bad approach to information-sharing legislation.”