The CISA bill: not the answer to deterring cyber terrorism
The Cybersecurity Information Sharing Act (CISA) was recently passed in the U.S. Senate in an effort to fight cyber-terrorism, but will this controversial piece of legislation deliver the results it promises?
CISA is legislation that enables the U.S. government to “voluntarily” extract personal information from internet communication channels. The bill allows for a voluntary program for private tech companies to share user information with the federal government.
The CISA bill requires the director of National Intelligence and the Departments of Homeland Security (DHS), Defense, and Justice to promote an information-sharing program between the government and the private sector. This sharing program will provide a “real time” threat detection system, in which entities such as DHS can monitor any company’s information system. It also allows for intelligence agencies to utilize user data to maintain surveillance on citizens and potential persons of interest.
But, as is often the case in politics, Republican and Democratic senators ignored warnings from many experts on tech policy, saying that there is a potential risk to personal freedom, privacy, and the Fourth Amendment.
A group of college professors from across the country even sent an open letter to members of the Senate, warning them of the risks if CISA is to pass.
“A cornucopia of federal agencies could have access to the public’s heretofore private-held information with little fear that such sharing would ever be known to those whose information was shared,” the letter stated.
The professors also warned that the Freedom of Information Act will essentially be “neutralized” as a result of CISA’s provisions, and they say cyber-security measures should be put in the hands of the private sector.
One other thing to highlight is major tech companies opposed the CISA bill – well before it was passed. In fact, 22 of the world’s largest companies, including Apple, Google, Facebook, Twitter, and Yelp, are opposed to the bill.
With the failure of the PATRIOT Act and several recent high-profile cyber-attacks against government agencies, American citizens are wary – and rightfully so – of any promises the government makes about protecting personal information. One of the most important attacks was the recent Office of Personnel Management breach, which revealed private information about millions of American government workers.
The private sector has had its squabbles with security breaches. Notably, the Sony breach of last year was a true test of the capabilities of corporate information systems. However, companies like Symantec (also opposed to CISA), for example, must develop technologies that center on the protection of personal identity and protecting information that can be harmful to some.
The government should maintain a presence in cyber-security and threat deterrence, of course, but it should allow for the private sector to innovate the technology. CISA threatens the well-being of the American citizen, the integrity of the Constitution, and the sanctity of the right to privacy.
Michael McGrady is a contributor to Red Alert Politics and has been featured in The Hill, the Denver Post, and the Washington Examiner. He is an undergraduate at the University of Colorado at Colorado Springs, where he studies political science and criminal justice. Follow him on Twitter @mikemcgrady2 and e-mail him at mmcgrady@uccs.edu.