With data security and privacy concerns of many groups bubbling up, the White House is officially threatening to veto the latest draft of the Cyber Intelligence Sharing and Protection Act, which was designed to facilitate information sharing between technology companies and intelligence agencies.
"The Administration believes that carefully updating laws to facilitate cybersecurity information sharing is one of several legislative changes essential to protect individuals' privacy and improve the Nation's cybersecurity," according to a statement from the White House. "While there is bipartisan consensus on the need for such legislation, it should adhere to the following priorities: (1) carefully safeguard privacy and civil liberties; (2) preserve the long-standing, respective roles and missions of civilian and intelligence agencies; and (3) provide for appropriate sharing with targeted liability protections."
TechCrunch pointed out that the White House put emphasis on the fact that "the Administration still seeks additional improvements and if the bill, as currently crafted, were presented to the President, his senior advisors would recommend that he veto the bill." Now that the bill has passed a House of Representatives vote, civil liberties groups are hoping the executive branch will make good on its promise.
The Electronics Frontier Foundation said 34 civil liberty groups sent a letter to Congressional representatives to ask them to oppose CISPA, stating that the bill is misguided in its attempt to provide security and would instead leave a new exception to the privacy law.
"CISPA creates an exception to all privacy laws to permit companies to share our information with each other and with the government in the name of cybersecurity," the letter said. "Although a carefully-crafted information sharing program that strictly limits the information to be shared and includes robust privacy safeguards could be an effective approach to cybersecurity, CISPA lacks such protections for individual rights. CISPA's information sharing regime allows the transfer of vast amounts of data, including sensitive information like Internet records or the content of emails to any agency in the government including military and intelligence agencies like the National Security Agency or the Department of Defense Cyber Command."
The groups continued by saying the CISPA developments of the last year make it even more questionable, such as rules that they said increase information sharing from the government to the private sector and leaving privacy protections completely out. Many organizations may fear that they will have to give up a lot of data and will not get much value back from the risk of sharing. While there still has yet to be a final vote on the bill, these companies have to be happy with where the issue currently stands.
Data Security News from SimplySecurity.com by Trend Micro.