Senate hearing fails to address harms of cybersecurity legislation

Senators show support for information sharing proposals that risk user privacy

Washington, D.C. – Today, the Senate Homeland Security and Governmental Affairs Committee held a hearing on cybersecurity information sharing. Unfortunately, many of the senators failed to raise questions regarding the concerns of the privacy community. Existing information sharing proposals, such as the Cybersecurity Information Sharing and Protection Act (CISPA), would ensure shared information is passed to the National Security Agency (NSA), significantly increasing the agency’s surveillance authority. CISPA would also provide broad liability protection for companies that share private information. CISPA and similar proposals fail to adequately protect user security while sacrificing privacy.

“Information sharing cannot be used as a trojan horse for increased surveillance. Cybersecurity legislation should instead encourage companies to strengthen their own security practices.“ said Drew Mitnick, Junior Policy Counsel at Access.

Earlier this month, the White House released its own information sharing proposal. While more privacy protective than CISPA, President Obama’s plan may still facilitate the sharing of private information with the NSA and other intelligence agencies. It would also provide immunity for companies sharing private information, though only if certain private information is first stripped.

“Bills like CISPA wouldn’t have stopped high-profile attacks like the one perpetrated against Sony Pictures,” Mitnick continued. “Companies must prioritize proper network hygiene instead of laws that would provide businesses sweeping immunity.”

Access supports legislation that would strengthen digital security without sacrificing user privacy. For instance, the Senate Secure Data Act would prohibit the insertion of government mandated backdoors in products and services. In addition, a strong data breach notification law would increase the flow of cybersecurity information and better inform users of how their personal information is treated.

“Congress is still considering appropriate limits on government surveillance. Now is not the time to pass legislation increasing the NSA’s spying authority,” finished Mitnick.

For more information on how companies can increase security and protect information,  please visithttps://www.encryptallthethings.net/.


Media Contact

Drew Mitnick
Junior Policy Counsel, Access
[email protected]