Cybersecurity bill draws praise, concern

A Senate bill passed Tuesday seeks to address concerns over cybersecurity attacks by encouraging data-sharing between government and business, but it raises questions about privacy. 

AP File/Pablo Martinez Monsivais
Senate Intelligence Committee Chairman Sen. Richard Burr, R-N.C., right, confers with committee Vice-Chair. Sen. Dianne Feinstein, D-Calif., center, and committee member Sen. Ron Wyden, D-Ore., on Capitol Hill in Washington. The Senate is poised to pass a bill intended to improve cybersecurity by encouraging the sharing of threat information among companies and the U.S. government. Senators were voting on a handful of amendments Tuesday before a final vote expected later in the day on the Cybersecurity Information Sharing Act.

After years of political wrangling, the US Senate on Tuesday passed a cybersecurity bill that has drawn praise from business groups and criticism from privacy advocates.

In a 74-to-21 vote, the Cybersecurity Information Sharing Act moved closer to becoming law, a measure proponents say will spur private business and government agencies to share information in a quest to ebb the assault of hackers — an increasingly common occurrence for both business and government alike.

Critics counter that the bill would allow the government to violate privacy boundaries, and that it would not in practice prevent security breaches from hackers at all.

The thinking behind the bill is that sharing information would better prepare the country against hackers, although the bill does not clearly define how information collected would be disseminated or who would ultimately be in control.

The US Chamber of Commerce, the country’s largest business group, lobbied hard for the bill, stating on its website that to overcome obstacles arising from cybersecurity threats, private-public partnerships must form and share information.

“In an interconnected world, economic security and national security are linked,” said Thomas J. Donohue, the chamber's CEO. “To maintain a strong and resilient economy, we must protect against the cyber attacks.

A bevy of big companies and trade associations also supported the bill.

“The legislation passed by the Senate today bolsters our cyber defenses by providing the liability protections needed to encourage the voluntary sharing of cyber threat information,” in a statement released by the Telecommunications Industry Association and quoted in The Guardian.

Technology companies, such as Twitter, Apple and Google, opposed the bill on the grounds it would increase government spying, while the protections currently tendered in the bill do not go far enough to actually work.

The Guardian reported a group of university law professors recently sent an open letter to the Senate, saying the bill would override gains made through the already-installed Freedom of Information Act.

“The Freedom of Information Act would be neutralized,” the professors wrote. “While a cornucopia of federal agencies could have access to the public’s heretofore private-held information with little fear that such sharing would ever be known to those whose information was shared.”

Edward Snowden lent his opinion to the bill’s passage, stating on Twitter that if passed into law it would limit Internet freedoms and give “companies legal immunity for violating privacy laws if they also give your data to the government, ” a reference to a stipulation that would help companies sharing information with the Central Intelligence Agency or Federal Bureau of Investigation protection to avoid legal repercussions.

With a similar bill already having passed in the House in April, both chambers would have to merge their legislation and vote again before President Obama could sign it into law. 

Whether Obama will veto such a bill depends on if its final passage meets his own standards on security and privacy, said Nathan White, a senior manager with the digital rights group, Access, to the National Review.    

"The administration's policy up to this point has been very clear," he said. "It has supported CISA’s process but expressed concerns that it is currently dangerous to cybersecurity."

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.