March 12, 2015
Today, in a closed-door meeting, the Senate Select Committee
on Intelligence approved the controversial Cyber Information Sharing Act of
2015 (CISA) with a vote of 14 to 1. That
legislation would broadly authorize
companies to share more information about possible cybersecurity threats with
the government and other companies.
However, a discussion draft of CISA that was released last month raised serious concerns about privacy and Internet security, as our in-depth analysis explains. The White House and privacy advocates, among others, reached out to the Committee urging that significant changes be made to the bill, and a coalition of 48 privacy and security experts sent a letter to the Committee opposing CISA.
Yesterday, Chairman Burr and Ranking Member Feinstein issued a joint press release stating that the bill will be amended to address some of those concerns. However, because updated language was not made public before the Committee began its consideration of the bill, it is not clear how effective those protections will be.
“We are glad that the Senate Intelligence Committee heard the privacy community’s concerns, and we’re eager to see if the changes to the bill will adequately address the significant threats to privacy and Internet security that CISA has raised,” said Robyn Greene, Policy Counsel with New America’s Open Technology Institute. “The devil is in the details, though, and we will be looking very closely at the language to determine whether the changes effectively protect Americans’ privacy. Based on how dangerously broad and vague the last version of the bill was, it would be surprising if the bill agreed to in secret today will garner the support of the privacy community.”
“We are also gravely disappointed that such important legislation has been developed and considered by the Senate Intelligence Committee behind closed doors, and we hope the Committee will make the final bill language public as soon as possible,” added Greene. “CISA will affect the rights and privacy of Internet users everywhere, and members of Congress and the public should have ample time to review the bill and to understand the full scope of its impact on security and privacy before it comes up for a vote.”
Policy Counsel, New America's Open Technology Institute