Cybersecurity Bill Facing Tech Support Problem?


The Cybersecurity Information Sharing Act (CISA) awaiting a Senate vote isn’t up to par on privacy safeguards, BSA | The Software Alliance recently said -- after some  privacy advocates accused the group’s tech company members of “betraying” Internet users by supporting the measure.

BSA showed no love for the bill, clarifying that it doesn’t endorse CISA and similar House legislation, although the group had earlier urged swift congressional passage of this kind of legislation. “BSA has consistently advocated for strong privacy protections in all information sharing bills currently pending before the Congress,” BSA’s said on its website in September. “We will continue to work with the Congress, others in industry and the privacy community to advance legislation that effectively deals with cyber threats, while protecting individual privacy.”

That news was music to the ears of Sen. Ron Wyden (D-Ore.), a leading CISA opponent. Companies are “changing their position largely because so many of their customers don’t want to see their privacy invaded,” Wyden told reporters Oct. 6.

Back in a Sept. 14 letter to congressional leaders, BSA urged action on cybersecurity threat data sharing. The tech sector and many other industries want legislation to allow disclosure of hacks to government or industry partners, without the risk of shareholder lawsuits or other legal headaches. But privacy advocates say that such legislation would authorize sweeping information sharing between the government and private sector, ultimately leading to the next big surveillance program at the NSA.

CISA wasn’t mentioned in the letter but that’s what nonprofit privacy advocacy group Fight for the Future read between the lines. The group launched a “You Betrayed Us Campaign,” designed to flood Silicon Valley with angry emails from Internet users. The group said tech companies, by supporting bills such as CISA, are “willing to endanger their users' security and civil rights in exchange for government handouts and protection.”

By Sept. 25, Marc Benioff, CEO of cloud computing firm Inc., a BSA member, tweeted that the letter “clearly was a mistake and doesn't imply CISA support. We need to clarify. I'm against it.”

That made Fight for the Future very happy. “It’s great to see the Internet flexing its muscles and showing its power to defend itself once again,” Evan Greer, the group’s campaign director, said. 

Whether efforts to kill CISA succeed remains to be seen. Many other industry groups, including the U.S. Chamber of Commerce, are still loyal fans of the legislation. On Capitol Hill, there’s talk about the bill getting action very soon. Then again, we’ve heard that before.

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.