[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Opponents launch 11th-hour campaign to veto CISA bill



---------- Forwarded message ----------
From: Henry Baker <hbaker1@xxxxxxxxxxxx>
Date: Tue, Dec 15, 2015 at 1:10 PM
Subject: Opponents launch 11th-hour campaign to veto CISA bill


FYI -- "it's a surveillance bill by another name." -- Senator Ron Wyden

Go to the following web site; they will connect you to a number of
people at the White House who are getting irritated by so many calls!

https://www.obamadecides.org/

-----
https://www.techdirt.com/articles/20151215/06470133083/congress-drops-all-pretense-quietly-turns-cisa-into-full-surveillance-bill.shtml

Congress Drops All Pretense: Quietly Turns CISA Into A Full On Surveillance Bill

by Mike Masnick

Tue, Dec 15th 2015 9:28am

Remember CISA?  The "Cybersecurity Information Sharing Act"?  It's
getting much much worse as Congress and the administration look to ram
it through -- and in the process, removing any pretense that it's not
a surveillance bill.

https://www.techdirt.com/blog/?tag=cisa

As you may recall, Congress and the White House have been pushing for
a "cybersecurity" bill for a few years now, that has never actually
been a cybersecurity bill.  Senator Ron Wyden was one of the only
people in Congress willing to stand up and directly say what it was:
"it's a surveillance bill by another name."  And, by now, you should
know that when Senator Wyden says that there's a secret interpretation
of a bill that will increase surveillance and is at odds with the
public's understanding of a bill, you should know to listen.  He's
said so in the past and has been right... multiple times.

https://www.wyden.senate.gov/news/press-releases/wyden-cybersecurity-bill-lacks-privacy-protections-doesnt-secure-networks

https://www.techdirt.com/articles/20151207/17063433015/final-text-cisa-apparently-removed-what-little-privacy-protections-had-been-there.shtml

Either way, a version of CISA passed the House a while back, with at
least some elements of privacy protection included.  Then, a few
months ago it passed the Senate in a much weaker state.  The two
different versions need to be reconciled, and it's been worked on.
However, as we noted recently, the intelligence community has
basically taken over the process and more or less stripped out what
few privacy protections there were.

And, the latest is that it's getting worse.  Not only is Congress
looking to include it in the end of year omnibus bill -- basically a
"must pass" bill -- to make sure it gets passed, but it's clearly
dropping all pretense that CISA isn't about surveillance.  Here's what
we're hearing from people involved in the latest negotiations.  The
latest version of CISA that they're looking to put into the omnibus:

1. Removes the prohibition on information being shared with the NSA,
allowing it to be shared directly with NSA (and DOD), rather than
first having to go through DHS.  While DHS isn't necessarily
wonderful, it's a lot better than NSA.  And, of course, if this were
truly about cybersecurity, not surveillance, DHS makes a lot more
sense than NSA.

2. Directly removes the restrictions on using this information for
"surveillance" activities.  You can't get much more direct than that,
right?

3. Removes limitations that government can only use this information
for cybersecurity purposes and allows it to be used to go after any
other criminal activity as well.  Obviously, this then creates
tremendous incentives to push for greater and greater information
collection, which clearly will be abused.  We've just seen how the DEA
has regularly abused its powers to collect info.  You think agencies
like the DEA and others won't make use of CISA too?

https://www.techdirt.com/articles/20151214/08492533071/dea-loses-big-drug-case-thanks-to-illegal-wiretap-warrants-prosecutor-calls-procedural-errors.shtml

4. Removes the requirement to "scrub" personal information unrelated
to a cybersecurity threat before sharing that information.  This was
the key point that everyone kept making about why the information
should go to DHS first -- where DHS would be in charge of this
"scrub".  The "scrub" process was a bit exaggerated in the first
place, but it was at least something of a privacy protection.
However, it appears that the final version being pushed removes the
scrub requirement (along with the requirement to go to DHS) and
instead leaves the question of scrubbing to the "discretion" of
whichever agency gets the information.  Guess how that's going to go?

In short: while before Congress could at least pretend that CISA was
about cybersecurity, rather than surveillance, in this mad dash to get
it shoved through, they've dropped all pretense and have stripped
every last privacy protection, expanded the scope of the bill, and
made it quite clear that it's a very broad surveillance bill that can
be widely used and abused by all parts of the government.

There is still some hesitation by some as to whether or not this bill
belongs in the omnibus bill, or if it should go through the regular
process, with a debate and a full vote on this entirely new and
different version of CISA.  So, now would be a good time to speak out,
letting your elected officials and the White House know that (1) CISA
should not be in the omnibus and (2) that we don't need another
surveillance bill.

In the meantime, if Congress were actually serious about
cybersecurity, they'd be ramping up the acceptance and use of
encryption, rather than trying to undermine it.

-----------------
http://thehill.com/policy/cybersecurity/263174-opponents-launch-11th-hour-campaign-to-kill-cyber-bill

Opponents launch 11th-hour campaign to kill cyber bill

By Cory Bennett - 12/14/15 03:54 PM EST

Privacy advocates have launched a last-ditch campaign to block a major
piece of cybersecurity legislation that could soon be added to an
expected omnibus spending deal.

The bill would encourage companies to share more data on hackers with
the government.

Fight for the Future, which has been leading a coalition of digital
rights and civil liberties groups opposing the measure, on Monday
launched an online petition urging the White House to veto the final
legislation.  The group also included a widget that allows people to
call the White House to express their opposition.

https://www.obamadecides.org/

Privacy advocates have long argued that the legislation would allow
the intelligence community to collect more private data on Americans.
Technologists and numerous technology companies have expressed similar
concerns.

But many industry groups, lawmakers and even the White House counter
that the bill is the necessary first step in the fight against
hackers.  Privacy provisions in the measure will ensure personal data
is not shared throughout the government, they say.

"Now is when we'll find out whether President Obama really cares about
the Internet and freedom of speech, or whether he's happy to roll over
and allow technologically illiterate members of Congress break the
Internet in the name of cybersecurity," said Evan Greer, campaign
director at Fight for the Future.

Lawmakers are on the cusp of having a final text ready and hope to
have the bill on President Obama's desk before the year's end.

http://thehill.com/policy/cybersecurity/262985-week-ahead-congress-poised-to-finish-cyber-bill

Negotiators have been working since the Senate passed its Intelligence
Committee-originated bill in October, six months after the House
passed two complementary bills: one from the Intelligence panel,
another from Homeland Security.

On Monday, privacy advocates said that lawmakers had decided to attach
the bill to an omnibus spending bill that is expected as soon as
Monday.  Most observers believe the tactic gives the cyber bill its
best shot of getting through Congress in 2015, as only a handful of
legislative days remain before the upcoming recess.

But several people with direct knowledge of the talks cautioned that
no final decision had been made.

Multiple lawmakers have expressed opposition to the strategy, arguing
that the final cyber text should get a standalone vote in both
chambers.  Their resistance threatens to kill the omnibus strategy.

If the cyber bill does roll through Congress, Fight for the Future
called on the White House to reject the measure.

Throughout the final negotiation process, digital rights groups have
warned that lawmakers were omitting the most stringent privacy
clauses, a claim the bill's backers reject.

http://thehill.com/policy/cybersecurity/262713-cyber-bill-deal-looms-as-negotiators-finalize-privacy-language

http://thehill.com/policy/cybersecurity/262864-house-leadership-reviewing-cyber-compromise

"This administration promised to veto any information sharing bill
that did not adequately protect Internet users' privacy, and the final
version of this bill doesn't even come close," Greer said.  "It's time
for President Obama to deliver on his word."

_______________________________________________
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk