Politicians snuck a bill into the massive budget agreement approved this week and some on Capitol Hill claim the hidden legislation allows the U.S. government to spy on its citizens more than ever.
“This ‘cybersecurity’ bill was a bad bill when it passed the Senate and it is an even worse bill today,” said Sen. Ron Wyden, D-Ore., of the Cybersecurity Information Sharing Act (CISA) of 2015. “Americans deserve policies that protect both their security and their liberty. This bill fails on both counts,” he said.
CISA was first crafted in 2014 and has been a hot-button piece of legislation ever since it was introduced to Congress. It passed the Senate in October, but has been in compromise stages between the House and the Senate ever since.
The bill intends to make it easier for private companies to share information regarding cybersecurity , including hacking techniques and ongoing threats, with the government. It reduces their liability for cooperating. The downside, according to critics like Sen. Mike Lee (R-Utah), is the legislation doesn’t protect citizen’s privacy.
“Airdrop(s) an entire cybersecurity bill which lacks important protections for privacy and personal information,” Lee said in response to the bill being included in the $1.15 trillion omnibus spending bill.
Tech experts are reporting that some of the items included in this CISA bill include allowing data to be sent directly to the National Security Agency (NSA) rather than the Department of Homeland Security (DHS) and removes a restriction preventing data from being used for surveillance.
However, the other two changes in the bill are more ominous. This new bill removes governmental limitations that only data related to cybersecurity can be used. The government can now use data to look at other criminal activity. It also drops the requirement for the government or private companies to “scrub” personal information that doesn’t relate to cybersecurity before sharing it with government agencies.
Approximately 55 civil liberty groups began working against the bill last spring, submitting an open letter signed by security experts. Even DHS expressed concern over the summer in stating that the bill’s passage could overwhelm the agency with information it doesn’t need while it “sweep(s) away privacy protections.”