Despite warnings from Anonymous, Senate committee on Tuesday passes the Cybersecurity Information Sharing Act (CISA) during a closed session. The bill may increase NSA‘s power to collect personal data of American citizens, according to critics.
The CISA bill was drafted by Senator Saxby Chambliss and Sen. Dianne Feinstein, D-CA – widely known as a new form of last year’s CISPA bill, that was dropped by Congress after nationwide protests.
Critics fear that this bill will create a massive loophole in existing privacy laws by allowing the government to ask companies for “voluntary” cooperation in sharing information, including the content of communications, for cyber security purposes. But the definition lawmakers are using for the so-called “cybersecurity information” is so broad, it could sweep up huge amount of personal data of innocent Americans.
The Guardian reports that: “A cybersecurity purpose,” which was defined as “the purpose of protecting an information system or information that is stored on, processed by or transiting an information system from a cybersecurity threat or security vulnerability.”
In total 12 Senate members voted in favor and to 3 against the bill to advance it for full approval. Once the bill is passed, it would allow private firms to share information regarding cyber-attacks “in real time” for instance, if users are aware that their data is being shared with the federal government they cannot sue or do anything about it because it would also shield those firms from lawsuits by individuals against those companies for sharing data with each other.
“In the year since Edward Snowden revealed the existence of sweeping surveillance programs, authorized in secret and under classified and flawed legal reasoning, Americans have overwhelmingly asked for meaningful privacy reform and a roll back of the surveillance state created since passage of the Patriot Act, the bill would do exactly the opposite,” according to a letter written by privacy group.
Senators Mark Udall (D-Co.) and RonWyden (D-Or.) voted against the bill and criticizing the approval in a statement, according to which:
“Cyber-attacks on U.S. firms and infrastructure pose a serious threat to America’s economic health and national security. We agree there is a need for information-sharing between the federal government and private companies about cybersecurity threats and how to defend against them. However, we have seen how the federal government has exploited loopholes to collect Americans’ private information in the name of security. The only way to make cybersecurity information-sharing effective and acceptable is to ensure that there are strong protections for Americans’ constitutional privacy rights. Without these protections in place, private companies will rightly see participation as bad for business.
“We are concerned that the bill the U.S. Senate Select Committee on Intelligence reported today lacks adequate protections for the privacy rights of law-abiding Americans, and that it will not materially improve cybersecurity. We opposed the bill for these reasons, but we stand ready to work with our colleagues to address its shortcomings.”
The full text of CISA bill will be available next week.