Civil Society Groups and Security Experts Pan New Info-Sharing Bill

Nearly fifty civil society organizations, security experts, and academics have signed a letter to members of the Senate Select Committee on Intelligence saying the Cybersecurity Information Sharing Act of 2015, or CISA, that the committee is currently considering “would significantly undermine privacy and civil liberties.”

“Cybersecurity legislation should be designed to increase digital hygiene and identify and remediate advanced threats, not create surveillance authorities that would compromise essential privacy rights, and undermine security,” the letter said.

Sponsors of the bill say it is needed to facilitate information sharing about cyber threats among private companies and between private companies and the government.  However, the letter argued that the legislation falls short by including:

  • Automatic access by the National Security Agency to any personal information shared with a governmental entity;
  • Inadequate protections of private information prior to sharing;
  • Dangerous authorization for countermeasures; and
  • Overbroad authorization for law enforcement use.

As a result, it urged the committee to reject the legislation “in its current form.”

In particular, the letter notes that the current legislation does not effectively require private entities to strip out information that identifies a specific person prior to sharing cyber threat indicators with the government.  It should require that companies make at least a reasonable effort to identify all personally identifiable information and, unless it is necessary to counter the cyber threat, remove it before sharing any threat indicators with the government. “The default should be to preserve privacy, rather than to sacrifice it,” the letter said.

In addition, the legislation currently allows information obtained for cyber security purposes to be widely shared with law enforcement, creating a loophole to conduct backdoor searches on Americans – including searches of digital communications that would otherwise require law enforcement to obtain a warrant based on probable cause – thereby undermining Fourth Amendment protections and constitutional principles.

Among the groups joining TCP in signing the letter are the American Library Association, the ACLU, the Center for Democracy and Technology, the Electronic Freedom Foundation, the National Association of Criminal Defense Lawyers, and New America’s Open Technology Institute.

Donate Now

US Constitution

Upcoming Events