On Friday President Obama signed the Cybersecurity Information Sharing Act or CISA into law causing many to compare the law’s privacy issues to The Patriot Act.
The Cybersecurity Information Sharing Act, or CISA, was passed yesterday by lawmakers on capital hill. The controversial bill was attached to a must-pass government budget bill required to keep the federal government from shutting down before the holidays. As expected, the President signed the bill later that day.
The Cybersecurity Information Sharing Act goal is to create boost the private sector and government sector relationship by sharing information with each other about known hacker threats and their networks. The act offers protection from liability to companies for data breaches of consumer information.
Opponents, however, felt the act’s passage was in some ways eerily similar to when the Patriot Act, considered by many as one of the most largest expansive surveillance policies in modern American history, was passed shortly after 9/11.
In an email to The Intercept, Director of Fight For the Future digital rights group, Evan Greer compared it to the Patriot Act.
CISA is the new PATRIOT Act. It’s a bill that was born out of a climate of fear and passed quickly and quietly using a broken and nontransparent process.
Just like the USA PATRIOT Act, CISA was a collection of old ideas that Congress had repeatedly rejected. And just like the PATRIOT Act, they re-wrote the final bill in secret and snuck it through Congress before most people could even read it,” he continued. “And just like the PATRIOT Act, the bill will be used for far more than what Members of Congress think that they are authorizing.
But security expert Macy Wheeler points out, this time the urgency may have came more from the Chamber of Commerce and some cooperation who will benefit from the way the act lets corporations “that don’t fix their issues” off the hook, than from intelligence community.Wheeler notes that the act might restrict the government from suing companies who have been breached even when it is their fault, as long as they share information about the cyber threat.
Other advocates of privacy highlight that the Cybersecurity Information Sharing Act was passed under more secrecy than even the Patriot Act. “The Patriot Act was billed as something exceptional and game-changing. CISA disguised itself,” executive assistant for X-Lab Jeff Landale wrote in a tweet. The Cybersecurity Information Sharing Act is more “technically complicated in how it expands the surveillance state,” Landale continued. “The main difference politically is that too many in Congress just didn’t see CISA as a big deal.”
The Cybersecurity Information Sharing Act has received criticism and opposition from major tech companies including Reddit, Apple, and Twitter. Earlier this year, a coalition of 55 security experts and civil liberty groups signed a letter opposing the Act. The Department of Homeland Security, in July, also warned the act could overwhelm the department with data of “dubious value” and “sweep away privacy protections”. Of particular note, the largest aggregator of internet private content, Facebook, opposed the bill.
Even Edward Snowden chimed in:
— Edward Snowden (@Snowden) October 25, 2015
Congress found the “Trojan Horse” it needed to pass the massive privacy overall in the $1.1 trillion government budget bill. It quickly passed the House on Friday, the Senate moments later, and signed into law hours later by President Obama.
House Speaker Paul Ryan announced during a late-night session of Congress a version of the “omnibus” bill that now included CISA. And the rest was history.