The Cyber Intelligence Sharing and Protection Act (CISPA) was passed in the House of Representatives in the U.S in 2012 by a vote of 288-127. The bill had been criticised by privacy advocates, and in 2013 the U.S Senate rejected the bill after President Obama threatened to veto the bill even if it were passed because it did not contain enough civil liberties protections. The aim of CISPA was to allow corporations to share private data with the U.S government more easily, and with complete legal immunity.
After CISPA was rejected by the Senate, the Cybersecurity Information Sharing Act (CISA) was created and has been dubbed the “reincarnation of the Cyber Intelligence Sharing and Protection Act”. Advocates of the new bill are using the Sony hack incident as a reason to promote and push the renamed act. On March 12, 2015, the Senate Intelligence Committee approved the bill.
Similarly to CISPA, CISA intends to expanded legal liability to companies so they can share data with the government more easily. The result of the bill, according to its backers, means the government would be better equipped to deal with future cyber-attacks and intrusions. President Obama seems to have also revised his position on the bill since the Sony hacks, urging congress to push for tighter cyber security.
The White House identified information-sharing as a priority for 2015, and launched a series of policy initiatives at the start of the year directed at tackling the problems cyber-security.
Privacy advocates have insisted that CISA will not prevent hacking, companies like IBM and Dell already have cyber-security information systems that have not prevented attacks. The problems with CISA are twofold:
- Quite simply, the cyber-security act will not actually boost security,
- The “information sharing” term within the bill seems like another term for citizen surveillance.
The rewording of the CISPA bill means there are increased surveillance loopholes, and the passing of the bill could mean that tons of personal information is transmitted to the government.
Interestingly, the bill also poses a threat to whistleblowers. Ever since Edward Snowden, the U.S government have been trying to make sure a similar situation is never repeated. And the new bill would mean that an individual could be prosecuted for any violation of the Espionage Act by a potential whistleblower or investigative journalist reporting on leaks.
— Op Cyber Privacy (@OpCyberPrivacy) April 6, 2015
— Sovereign Investor (@SovereignInvest) April 3, 2015
— Brennan Center (@BrennanCenter) March 28, 2015