Letter from 48 Advocacy Organizations, Security Experts, and Academics: New Cybersecurity Bill is a Threat To Privacy and Internet Security

WASHINGTON, DC —  Today, New America’s Open Technology Institute along with 25 other advocacy organizations and 22 security experts and academics sent a letter to the Senate Select Committee on Intelligence strongly opposing the latest version of the Cyber Information Sharing Act (CISA), which the committee is expected to vote on in a closed session sometime this month. A markup of the bill was originally scheduled for tomorrow but was postponed.

The draft version of the CISA bill, which was leaked online last month, raises serious privacy and Internet security concerns. As the letter states:

“CISA disregards the fact that information sharing can – and to be truly effective, must – offer both security and robust privacy protections. The legislation fails to achieve these critical objectives by including:

• Automatic NSA access to personal information shared with a governmental entity
  
• Inadequate protections prior to sharing
  
• Dangerous authorization for countermeasures
  
• Overbroad authorization for law enforcement use
  

OTI published an in-depth analysis of these and other concerns that CISA raises.

“This letter shows that four dozen leading privacy and security experts and organizations agree: CISA is the perfect example of what not to do when drafting cybersecurity information sharing legislation,” says Robyn Greene, Policy Counsel with New America’s Open Technology Institute. “Congress has been pursuing deeply flawed info-sharing bills like CISA for nearly half a decade, and each bill has stalled because of serious concerns raised by the privacy community. Now that security experts are joining our opposition, and telling them that CISA isn’t just bad for privacy but bad for cybersecurity itself, perhaps Congress will finally reassess its approach.”

“Congress’ approach to cybersecurity policy has been broken for years. It’s time for a new approach that doesn’t treat indiscriminate information sharing like it’s a silver bullet that will solve all of our problems,” said Kevin Bankston, Policy Director at New America’s Open Technology Institute. “When nearly two dozen leading Internet security experts tell Congress that it’s going in the wrong direction on cybersecurity, maybe it’s time for policymakers to go back to the drawing board and try something new.”