The Cybersecurity Information Sharing Act that was recently passed by the Senate – appears to be a misguided effort to ‘do something’.–PC Pitstop.
Is Less Privacy & More Data Sharing the Answer?
By Bob Rankin
All Your Privacy Are Belong to Us
The U.S. Congress is poised to enhance citizens’ privacy and cybersecurity protections… with a new law that blows gaping holes in existing privacy and cybersecurity protection laws. Yes, you read that right. Now read on to learn more about CISA — the Cybersecurity Information Sharing Act…
CISA: Less Security and Privacy?
If the Cybersecurity Information Sharing Act (CISA) becomes law, private-sector companies would be allowed – even pressured – to share customers’ data with the Department of Homeland Security without requiring a search warrant or court order.
CISA is a reaction to the rising number of data breaches and other attacks that hackers have been launching in recent years. Its ostensible purpose is to encourage private companies to share data about such attacks and threats of attacks with law enforcement agencies, using the DHS as a clearinghouse.
DHS would receive the data, then distribute it to appropriate federal, state, and local law enforcement agencies who are supposed to defend companies against cyberattacks. The House and Senate versions of CISA also permit data collected by DHS to be used in investigations of violent crimes like robbery and carjacking.
CISA Cybersecurity and Privacy Law
CISA declares that any “cybersecurity threat” information that companies gather may be shared with DHS “notwithstanding any other provision of law.” The bill does not clearly define what “cybersecurity threat information” is, so opponents argue it could include anything: financial transaction data, health information, e-mails, private pictures or videos, you name it.
“The incentive and the framework (CISA) creates is for companies to quickly and massively collect user information and ship it to the government,” said Mark Jaycox, a legislative analyst for the Electronic Frontier Foundation, in an interview with Wired magazine. “As soon as you do, you obtain broad immunity, even if you’ve violated privacy law.”
Article Continued Here