Oct 27, 2015
Under the vague guise of "cybersecurity", the Senate voted Tuesday to pass the Cybersecurity Information Sharing Act (Cisa), a spying bill that essentially carves a giant hole in all our privacy laws and allows tech and telecom companies to hand over all sorts of private information to intelligence agencies without any court process whatsoever. Make no mistake: Congress has passed a surveillance bill in disguise, with no evidence it'll help our security.
All that is needed for companies to hand over huge swaths of information to the government is for it to contain "cyber threat indicators" - a vague phrase that can be interpreted to mean pretty much anything. Your personal information - which can include the content of emails - will be handed over to the Department of Homeland Security, the agency supposedly responsible for the nation's cybersecurity. From there the information can be sent along to the NSA, which can add it to databases or use it to conduct even more warrantless searches on its internet backbone spying (which once again, a judge ruled last week could not be challenged in court because no one can prove the NSA is spying on them, since the agency inevitably keeps that information secret).
Try asking the bill's sponsors how the bill will prevent cyberattacks or force companies and governments to improve their defenses. They can't answer. They will use buzzwords like "info-sharing" yet will conveniently ignore the fact that companies and the government can already share information with each other as is.
There were barely any actual cybersecurity experts who were for the bill. A large group of respected computer scientists and engineers were against it. So were cyberlaw professors. Civil liberties groups uniformly opposed (and were appalled by) the bill. So did consumer groups. So did the vast majority of giant tech companies. Yet it still sailed through the Senate, mostly because lawmakers - many of whom can barely operate their own email - know hardly anything about the technology that they're crafting legislation about.
This is the state of "cybersecurity" legislation in this country, where lawmakers wanted to do something, but lacking any sort of technical expertise - or any clue at all what to do - just decided to cede more power to intelligence agencies like the NSA. The bill, which used to be known as Cispa, has been festering in Congress for years, and now it looks like it will finally head to the President's desk.
Along the way, the Senate decided to reject a handful of common sense privacy amendments that could've protected that information. One by one, privacy and transparency amendments that would've at least made the bill less awful were voted down on Tuesday.
First, they voted down Senator Ron Wyden's amendment that would've forced companies to strip out personally identifiable information before handing data over to the government. They voted down Senator Patrick Leahy's amendment that would've prevented Cisa from carving out a new exemption to the Freedom of Information Act, which will prevent news organizations and others from using the transparency law to find out what types of information companies are handing over to the government.
In an era of secret law, where the government has no problem completely re-interpreting laws in complete secrecy to allow mass spying on Americans, we now have another law on the books that carves a hole in our privacy laws, contains vague language that can be interpreted any which way, and that has provisions inserted into it specifically to prevent us from finding out how they're using it.
Join Us: News for people demanding a better world
Common Dreams is powered by optimists who believe in the power of informed and engaged citizens to ignite and enact change to make the world a better place. We're hundreds of thousands strong, but every single supporter makes the difference. Your contribution supports this bold media model—free, independent, and dedicated to reporting the facts every day. Stand with us in the fight for economic equality, social justice, human rights, and a more sustainable future. As a people-powered nonprofit news outlet, we cover the issues the corporate media never will. |
© 2023 The Guardian
Trevor Timm
Trevor Timm is a co-founder and the executive director of the Freedom of the Press Foundation. He is a writer, activist, and legal analyst who specializes in free speech and government transparency issues. He writes a weekly column for The Guardian and has also contributed to The Atlantic, Al Jazeera, Foreign Policy, Harvard Law and Policy Review, PBS MediaShift, and Politico.
Under the vague guise of "cybersecurity", the Senate voted Tuesday to pass the Cybersecurity Information Sharing Act (Cisa), a spying bill that essentially carves a giant hole in all our privacy laws and allows tech and telecom companies to hand over all sorts of private information to intelligence agencies without any court process whatsoever. Make no mistake: Congress has passed a surveillance bill in disguise, with no evidence it'll help our security.
All that is needed for companies to hand over huge swaths of information to the government is for it to contain "cyber threat indicators" - a vague phrase that can be interpreted to mean pretty much anything. Your personal information - which can include the content of emails - will be handed over to the Department of Homeland Security, the agency supposedly responsible for the nation's cybersecurity. From there the information can be sent along to the NSA, which can add it to databases or use it to conduct even more warrantless searches on its internet backbone spying (which once again, a judge ruled last week could not be challenged in court because no one can prove the NSA is spying on them, since the agency inevitably keeps that information secret).
Try asking the bill's sponsors how the bill will prevent cyberattacks or force companies and governments to improve their defenses. They can't answer. They will use buzzwords like "info-sharing" yet will conveniently ignore the fact that companies and the government can already share information with each other as is.
There were barely any actual cybersecurity experts who were for the bill. A large group of respected computer scientists and engineers were against it. So were cyberlaw professors. Civil liberties groups uniformly opposed (and were appalled by) the bill. So did consumer groups. So did the vast majority of giant tech companies. Yet it still sailed through the Senate, mostly because lawmakers - many of whom can barely operate their own email - know hardly anything about the technology that they're crafting legislation about.
This is the state of "cybersecurity" legislation in this country, where lawmakers wanted to do something, but lacking any sort of technical expertise - or any clue at all what to do - just decided to cede more power to intelligence agencies like the NSA. The bill, which used to be known as Cispa, has been festering in Congress for years, and now it looks like it will finally head to the President's desk.
Along the way, the Senate decided to reject a handful of common sense privacy amendments that could've protected that information. One by one, privacy and transparency amendments that would've at least made the bill less awful were voted down on Tuesday.
First, they voted down Senator Ron Wyden's amendment that would've forced companies to strip out personally identifiable information before handing data over to the government. They voted down Senator Patrick Leahy's amendment that would've prevented Cisa from carving out a new exemption to the Freedom of Information Act, which will prevent news organizations and others from using the transparency law to find out what types of information companies are handing over to the government.
In an era of secret law, where the government has no problem completely re-interpreting laws in complete secrecy to allow mass spying on Americans, we now have another law on the books that carves a hole in our privacy laws, contains vague language that can be interpreted any which way, and that has provisions inserted into it specifically to prevent us from finding out how they're using it.
Trevor Timm
Trevor Timm is a co-founder and the executive director of the Freedom of the Press Foundation. He is a writer, activist, and legal analyst who specializes in free speech and government transparency issues. He writes a weekly column for The Guardian and has also contributed to The Atlantic, Al Jazeera, Foreign Policy, Harvard Law and Policy Review, PBS MediaShift, and Politico.
Under the vague guise of "cybersecurity", the Senate voted Tuesday to pass the Cybersecurity Information Sharing Act (Cisa), a spying bill that essentially carves a giant hole in all our privacy laws and allows tech and telecom companies to hand over all sorts of private information to intelligence agencies without any court process whatsoever. Make no mistake: Congress has passed a surveillance bill in disguise, with no evidence it'll help our security.
All that is needed for companies to hand over huge swaths of information to the government is for it to contain "cyber threat indicators" - a vague phrase that can be interpreted to mean pretty much anything. Your personal information - which can include the content of emails - will be handed over to the Department of Homeland Security, the agency supposedly responsible for the nation's cybersecurity. From there the information can be sent along to the NSA, which can add it to databases or use it to conduct even more warrantless searches on its internet backbone spying (which once again, a judge ruled last week could not be challenged in court because no one can prove the NSA is spying on them, since the agency inevitably keeps that information secret).
Try asking the bill's sponsors how the bill will prevent cyberattacks or force companies and governments to improve their defenses. They can't answer. They will use buzzwords like "info-sharing" yet will conveniently ignore the fact that companies and the government can already share information with each other as is.
There were barely any actual cybersecurity experts who were for the bill. A large group of respected computer scientists and engineers were against it. So were cyberlaw professors. Civil liberties groups uniformly opposed (and were appalled by) the bill. So did consumer groups. So did the vast majority of giant tech companies. Yet it still sailed through the Senate, mostly because lawmakers - many of whom can barely operate their own email - know hardly anything about the technology that they're crafting legislation about.
This is the state of "cybersecurity" legislation in this country, where lawmakers wanted to do something, but lacking any sort of technical expertise - or any clue at all what to do - just decided to cede more power to intelligence agencies like the NSA. The bill, which used to be known as Cispa, has been festering in Congress for years, and now it looks like it will finally head to the President's desk.
Along the way, the Senate decided to reject a handful of common sense privacy amendments that could've protected that information. One by one, privacy and transparency amendments that would've at least made the bill less awful were voted down on Tuesday.
First, they voted down Senator Ron Wyden's amendment that would've forced companies to strip out personally identifiable information before handing data over to the government. They voted down Senator Patrick Leahy's amendment that would've prevented Cisa from carving out a new exemption to the Freedom of Information Act, which will prevent news organizations and others from using the transparency law to find out what types of information companies are handing over to the government.
In an era of secret law, where the government has no problem completely re-interpreting laws in complete secrecy to allow mass spying on Americans, we now have another law on the books that carves a hole in our privacy laws, contains vague language that can be interpreted any which way, and that has provisions inserted into it specifically to prevent us from finding out how they're using it.
We've had enough. The 1% own and operate the corporate media. They are doing everything they can to defend the status quo, squash dissent and protect the wealthy and the powerful. The Common Dreams media model is different. We cover the news that matters to the 99%. Our mission? To inform. To inspire. To ignite change for the common good. How? Nonprofit. Independent. Reader-supported. Free to read. Free to republish. Free to share. With no advertising. No paywalls. No selling of your data. Thousands of small donations fund our newsroom and allow us to continue publishing. Can you chip in? We can't do it without you. Thank you.