Yesterday, the United States Senate passed the highly controversial Cybersecurity Information Sharing Act, also known as CISA. CISA is a massive blow against the tech industry as a whole and advocates of privacy. Passing by a 74-21 bipartisan vote, the bill is intended to allow companies to share information on cybersecurity threats with the government. Many critics of the bill say that it will extend the surveillance capabilities of the government while offering minimal deterrence against hacks.
Since the bill has already passed the House of Representatives, and the White House backs CISA, it is very unlikely that the bill will fail to be signed into law at this point.
Earlier in March, Committee chairman Senator Richard Burr offered commentary on the benefits of the bill stating:
“This legislation protects the privacy rights of Americans while also minimizing our vulnerability to cyberattacks. Information sharing is purely voluntary and companies can only share cyber-threat information and the government may only use shared data for cybersecurity purposes.”
Some Senators fought for additional amendments in the bill that would offer more privacy protections. Unfortunately for tech and privacy advocates, no additional amendments were added. Senators decided to adopt a ten-year sunset clause for the bill, up from the six-year clause that privacy advocates hoped to achieve.
CISA Creates Security Insecurity
CISA will allow tech companies to share any information (including personal user data) with the government while being protected from any recourse for their actions. Users of US-based tech services will have no guarantee that their personal, unencrypted information held by third-parties is secure, since the law would supersede any privacy clauses within the service agreement. Users of online services will undoubtedly lose the guarantee of privacy if CISA becomes law.
Bitcoin users of registered US-based companies could lose privacy that was previously guaranteed under the usage agreements of the services, revealing their assets or other sensitive information to the government without knowing.
Though the bill was expected to pass, the passing of the bill without additional privacy protections was a huge setback for the lobbying efforts of the tech industry. Since the aftermath of Edward Snowden, tech companies have been pushing back against the government in attempt to mitigate surveillance practices and increase the privacy of the industry and its users.
What do you think about CISA and its applications? Let us know in the comments below!
Images via Pixabay and Shutterstock.