If hackers can spy on you all then so should we – US Senator logic

CISA info-sharing bill tacked onto military funding paperwork

42 Reg comments Got Tips?

Following the cyber-attack during which dossiers on four million US government employees were stolen from Uncle Sam's servers, staggering out of the smoldering blast crater is Senator Richard Burr (R-NC). And he's not happy.

In his soot-covered hand is a copy of the Cybersecurity Information Sharing Act (CISA), and this week, he angrily stapled it to another proposed law. Because that's how people get things done in Washington.

The CISA legislation was written to allow technology companies to share information about their customers with the Feds for the purposes of national security and online threats, in exchange for partial legal immunity from citizens upset about this data handover. Critics say it's a license to spy, whereas supporters say it will thwart the cyber-boogeymen.

CISA was due to be debated in the Senate later this year, but Burr has now added it as an amendment to the larger National Defense Authorization Act, which is primarily focused on military funding.

"The recent cyber breach at the Office of Personnel Management was a serious attack on our government and we cannot continue to have citizens' personal information needlessly exposed to foreign adversaries and criminals," said Burr, referring to the government data center compromise revealed earlier this month. Hackers swiped from the Office of Personnel Management sensitive records on millions of Americans, some of whom had applied for security clearances. Its IT defenses were found to be lacking by auditors.

"We can no longer simply watch Americans' personal information continue to be compromised. This bill is long needed and will help us combat threats to our country and our economy," Burr continued.

But the move has been decried by one of the authors of the legislation, Senator Dianne Feinstein (D-CA). She had been marshaling support on the Democratic side of the Senate for the legislation, but the move to add it on as an amendment – which would limit debating time on its provisions – has now imperiled that.

"Filing the cybersecurity bill as an amendment to the defense authorization bill prompted a lot of legitimate and understandable concern from both sides of the aisle," Feinstein said in Congress, The Hill reports. "People want a debate on the legislation, and they want an opportunity to offer relevant amendments."

The move has already brought strong condemnation from senior members of the Senate who serve on the intelligence subcommittee. Senator Ron Wyden (D-OR) said he would fight the move, and would offer additional amendments to deal with what he describes as flawed legislation.

"Cybersecurity threats demand thoughtful solutions, not half-baked efforts that don't address the real problems," he said.

"CISA would create a way for the government to obtain Americans' information without a warrant, and without adequate protections to protect their privacy. Most security experts agree that encouraging private companies to share more information with the government would have done little if anything to prevent recent data breaches." ®

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER


Biting the hand that feeds IT © 1998–2020