The U.S. House of Representatives passed the Cyber Intelligence Sharing and Protection Act last week by a vote of 288 to 127, with 98 Democrats and 29 Republicans voting against the bill.
The legislation intends to “allow elements of the intelligence community to share cyber-threat intelligence with private-sector entities and utilities and to encourage the sharing of such intelligence.” The idea is that this would help protect networks in the United States from cyber attacks.
Legislation that addresses this issue is completely necessary. Given the occasional cyber attack from hackers on Facebook, the New York Times, the Defense Department, and others with access to troves of sensitive information, the United States must be prepared for the threat cyber-attacks pose.
Secretary of Defense Leon Panetta said in a speech to the Business Executives for National Security, “… foreign cyber actors are probing America’s critical infrastructure networks. They are targeting the computer-control systems that operate chemical, electricity, and water plants and those that guide transportation throughout this country.”
Preparing for these potentially disastrous events is all well and good, but we believe that the way the cyber act goes about improving cyber security is extremely invasive and a threat to Americans’ civil liberties.
As it stands, the bill allows information that can identify individuals to pass between government and private-sector corporations such as Microsoft, Apple, and social-networking sites.
And here’s the kicker: They can share it with anyone. People essentially just have to trust that no one is going to abuse access to that information in good faith. This is short-sighted and sets up a system susceptible to abuse.
An amendment that would have amended this problem was proposed and, oddly enough, defeated in the House of Representatives.
The American Civil Liberties Union said, “Under longstanding American legal requirements and policy traditions, the military is restricted from targeting Americans on American soil. Yet, [the cyber act] would empower military agencies such as the NSA to collect more information about Internet users in order to respond to online threats.”
Not only does it violate legal precedent, the cyber act would also allow the federal government to use information obtained through its program “to protect the national security of the United States.”
National security. That lovely, sneaky, little phrase that can mean just about anything anyone wants it to mean is particularly worrisome, given the government’s record of abusing civil rights in the name of national security.
And it gets worse. The ACLU reports that the cyber act permits information sharing on an extremely broad scale and “it grants immunity for literally anything companies choose to do in response to the information gleaned from its [cyber act] powers.”
Simply put, this legislation passed by the House of Representatives gives too much power with ridiculously broad limits to corporations and the military with access to troves of data on private citizens that could be easily abused and is not worth whatever added security benefit these measures may provide. Civil liberties and privacy are categorically non-negotiable and cannot be compromised.