On March 12, the U.S. Senate Intelligence Committee voted to move forward the Cybersecurity Information Sharing Act (CISA), a bill that would enable companies to sign, seal, and deliver your personal information to the NSA. Some senators are trying to get the bill passed as soon as possible. Now we're taking the fight to the Senate floor — stay tuned.
Tomorrow, the U.S. Senate Intelligence Committee will secretly consider the Cybersecurity Information Sharing Act (CISA), a bill that would enable companies to sign, seal, and deliver your personal information to the NSA. The draft bill allows companies to forward “cyber threat indicators” to the government, which are then distributed with every relevant agency (e.g. the NSA.)
Companies that share information would be protected against lawsuits, even if users feel their privacy was violated.
CISA may even endanger the integrity of the internet by allowing companies to “hack back” when they face a cybersecurity threat — even though attributing attacks remains notoriously difficult and there is a real risk they may harm innocent users.
Digital security experts — including us at Access — have made clear that “information sharing” legislation, such as CISA and similar bills, should not be a priority for cybersecurity. That’s why we’re urging the Senate Intelligence Committee to abandon this bill.
In markup, members of the committee will likely make minor changes to the draft bill, but retain its fundamentally flawed core. A vote on the Senate floor will follow, and may happen as soon as the end of March.
In simple terms, CISA would threaten our fundamental right to privacy at a time when the NSA is still allowed to spy on users in the U.S. and around the world.