Skip to main content

Sign up for our newsletter.

Quality journalism. Progressive values. Direct to your inbox.

Some tech companies are eager to share more of our personal data with the government so long as they don't have to worry about violating any privacy safeguards. CISA gives companies exactly what they want: ironclad liability protection to share information about any perceived cyber threats with federal agencies. (Photo: Mr. Thinktank/flickr/cc)

Cyber Bill Gives Companies Perfect Cover to Gut Your Privacy

Sandra Fulton

 by Free Press

Following several high-profile data breaches — such as those at Sony and the U.S. Office of Personnel Management — Congress is once again feeling the pressure to push “cybersecurity” legislation.

The problem is, the bill they’re laser-focused on is misguided, wouldn’t protect us — and is a huge gift to companies wanting legal cover if and when they choose to violate Americans’ privacy rights.

In March, the Senate Intelligence Committee voted 14–1 in favor of the Cybersecurity Information Sharing Act of 2015 (CISA). The bill, like its infamous predecessor CISPA, would allow companies to share vast amounts of users’ private and personally identifiable data with the government. That information would go straight to the Department of Homeland Security and then on to the NSA.

If CISA passes, companies would be permitted to monitor and then report to the government on vaguely defined “cyber-threat indicators” — a term so broad that it covers actual threats hackers pose to computer systems but also sweeps in information on crimes like carjacking and burglaries. Those are serious offenses to be sure, but they have nothing to do with cybersecurity.

While current law allows companies to monitor their own systems for cyber threats, CISA would take this to the next level. The bill would allow companies that hold huge swaths of our personal data — like health insurers and credit-card companies — to monitor and report online activity “notwithstanding any other provision of law.”

This means that CISA would undermine the strong protections embedded in laws like the Electronic Communications Privacy Act of 1986 and the Privacy Act of 1964 — laws designed to keep the government from spying on our communications.

While posing a serious threat to our privacy online, CISA wouldn’t even guard well against cyber attacks. The bill offers a bad trade-off, to put it mildly.

In April, leading Internet-security technologists wrote to the Senate Intelligence Committee, arguing that Congress didn’t need to create new legal authority to let companies share information designed to help protect their systems from future attacks. As their letter explains:

Waiving privacy rights will not make security sharing better. The more narrowly security practitioners can define these IoCs [indicators of compromise] and the less personal information that is in them, the better… Any bill that allows for and results in significant sharing of personal information could decrease the signal to noise ratio and make IoCs less actionable.

In June 2015, further revelations from whistleblower Edward Snowden showed that much of the activity CISA would authorize has been going on for quite some time. Leaked government slides show that the NSA and the FBI secretly joined forces in 2012 to spy on Internet traffic in pursuit of cybersecurity suspects.

Despite these efforts, cyber attacks have continued to escalate. Yet this bill to immunize companies from liability for sharing our personal data sailed through the Senate Intelligence Committee.

The lone dissenter on that committee, Sen. Ron Wyden, noted that cyber attacks are a “serious problem.” However, Wyden said, “if information-sharing legislation does not include adequate privacy protections, then that’s not a cybersecurity bill — it’s a surveillance bill by another name.”

So who’s behind the massive push to pass CISA? Insurers, credit-card companies, banks, gas and oil giants, and telecom companies have all lined up behind the bill. Keepers of some of our most private and sensitive data — banks like JPMorgan Chase, and health insurers like Anthem and Blue Cross Blue Shield, to name just a few — are lobbying hard for CISA’s passage.

In fact, according to lobby-disclosure reports for the first quarter of 2015, the number of companies lobbying for CISA has just about tripled over the last year. Recent attacks have cost companies billions, not to mention embarrassment.

Stronger cyber “hygiene” would best protect these companies from intrusions and breaches, but that would be costly. Implementing invasive monitoring programs and handing the information off to the government is far preferable if that approach can be sold as a solution to the problem.

In short, these companies are eager to share more of our personal data with the government so long as they don't have to worry about violating any privacy safeguards. CISA gives companies exactly what they want: ironclad liability protection to share information about any perceived cyber threats with federal agencies.

So while CISA would do little or nothing to improve cybersecurity, it would strengthen the surveillance regime and make our personal information even more vulnerable to government abuse.

Leaders in the Senate, who want to pass CISA before Congress breaks for its August recess, have announced that the bill will be up on their agenda as soon as this week. The Free Press Action Fund is working with our allies to fight back. Please click here to urge your senators to oppose this dangerous bill.


This work is licensed under a Creative Commons Attribution-Share Alike 3.0 License.
Sandra Fulton

Sandra Fulton

Sandra Fulton is the government relations director for Free Press Action.

This is the world we live in. This is the world we cover.

Because of people like you, another world is possible. There are many battles to be won, but we will battle them together—all of us. Common Dreams is not your normal news site. We don't survive on clicks. We don't want advertising dollars. We want the world to be a better place. But we can't do it alone. It doesn't work that way. We need you. If you can help today—because every gift of every size matters—please do. Without Your Support We Simply Don't Exist.

African Leaders Condemn Vaccine Apartheid as an 'Indictment on Humanity'

"We tend to forget that no one is safe until everyone is safe."

Jake Johnson ·


As Other States Try to Copy Texas, SCOTUS Asked to Find Abortion Ban Unconstitutional

The request from healthcare providers comes after a Florida Republican filed a copycat bill and advocacy groups called on Congress to affirm the right to abortion nationwide.

Jessica Corbett ·


As Bids to Slash Pentagon Budget Fail, US Military Spending Slammed as 'Height of Absurdity'

"Spending $780 billion on weapons and war while our communities starve, while the climate crisis worsens, while a pandemic that has killed millions and affected countless more rages on, is a national shame."

Brett Wilkins ·


'This Is Big': House Passes Amendment to Cut US Complicity in Saudi Bombing of Yemen

The vote, said Rep. Ro Khanna, "sent a clear message to the Saudis: end the bombing in Yemen and lift the blockade."

Andrea Germanos ·


Praised for 'Braving the Smears,' Tlaib Votes Against $1 Billion in Military Aid to Israel

One rights group thanked Tlaib "for speaking truth to power" while being attacked "for simply insisting that Palestinians are human beings who deserve safety, security, and freedom from Israeli apartheid."

Brett Wilkins ·

Support our work.

We are independent, non-profit, advertising-free and 100% reader supported.

Subscribe to our newsletter.

Quality journalism. Progressive values.
Direct to your inbox.

Subscribe to our Newsletter.


Common Dreams, Inc. Founded 1997. Registered 501(c3) Non-Profit | Privacy Policy
Common Dreams Logo