Cybersecurity Bill for Infrastructure Updated to Address Privacy Concerns — Some Say It’s Too Little, Others Too Much
With increasing concern over cyberattacks against critical infrastructure within the United States, the House and Senate both introduced bills earlier this year that were intended to help strengthen security. They would help facilitate the reporting of cyberattacks between private companies and the government, but were met with backlash as some thought this could lead to violations of anti-trust laws by the government, among other concerns.
The Cyber-Intelligence Sharing and Protection Act (CISPA) passed in the House and awaits a Senate vote. More recently, the Senate introduced Cybersecurity Act of 2012 (CSA2012), which has undergone changes since its first introduction that raised privacy concerns among Republicans.
The Huffington Post reports that five senators re-introduced CSA2012, omitting security requirements and subsequent penalties for companies maintaining critical infrastructure. It states Republicans had initially quipped that the government should not require companies to institute what could be costly security upgrades. Going forward, the bill makes government reviews of companies’ security measures and meeting standards voluntary. It is expected to be heard on the Senate floor later this week.
Not everyone is happy with this change though. Some say it doesn’t do enough to protect infrastructure. The Huffington Post has more:
The new bill “basically depends on the industry to make a good faith effort to improve security, and up until now they haven’t done anything,” said Joe Weiss, a security expert on critical infrastructure. “The question is, ‘Why would you expect all of a sudden for that to change?’”
James Lewis, a senior fellow at the Center for Strategic and International Studies, said, “The problem is the bill doesn’t give the government any new capabilities. You don’t need this bill. Nothing really changes.”
Still, there are those who see the revised bill as increasing its privacy protections adequately. Ginny Sloan, president of The Constitution Project, wrote in an op-ed for the Huffington Post that with the updates, it “may actually be able to carry out the promise of providing meaningful privacy and civil liberties safeguards.”
The changes made to allow for this, Sloan writes, are tighter restrictions on the government’s use of the information obtained from companies. For example, Sloan points out that any data given for cybersecurity reasons cannot be used for national security or criminal prosecutions. She also says the information to be shared with the government for security has been further limited. She praises the new bill for including that the flow of information from private company to the government will be through civilian companies, not the NSA or other government agencies.
At this point, Sloan says the current version of the Cybersecurity Act of 2012 is “far superior” to the House version CISPA. Read more details in Sloan’s full post here.
Others, like Paul Rosenzweig, a visiting fellow at the Heritage Foundation, have acknowledged improvements made but still find it having “grave problems that are likely to chill innovation without improving cybersecurity.” It is the “incentives” that would be given to those voluntarily providing the government with its information that Rosenzweig takes issue with:
Those incentives include liability protection, priority assistance for cyber threats, and access to classified information about threats.
There are several problems with this new approach. First, the government should not be in the position of denying its threat information to critical infrastructure owners who choose not to adopt the voluntary standards, likely for justifiable business reasons. If the infrastructure in question is truly “critical,” it is in America’s collective interest to protect it as much as possible.
Rosenzweig goes on to say liability protection offered as an incentive is too weak. He also cautions about just how voluntary meeting these standards would be:
Under section 103(g) of the bill, federal regulatory agencies are free to make the voluntary regulations mandatory in the sectors they regulate, and they are required to report to Congress if they choose not to do so—which is a strong incentive to adopt the “voluntary” rules.
Read more of Rosenzweig’s perspective on the revised bill here.
PhysOrg reports Michelle Richardson with the ACLU saying that though the changes are improvements — the organization previously criticized this bill as well as CISPA — it should be watched carefully for any updates that could occur when it meets the the Senate floor.
“We will be carefully watching how this unfolds on the floor and will be calling on you to fight anti-privacy amendments and support ones that we expect will further limit the government’s authority,” she said, according to PhysOrg.
- John McCain Lectures Tea Party Senator on How ‘Business’ Gets Done in Congress: ‘That’s What We’ve Been Doing for a Couple Hundred Years’ 501 Comments
- Pope Francis’ Sermon Sparks Debate: ‘Even the Atheists’ Have Been Redeemed ‘With the Blood of Christ’ 461 Comments
- Boy Scouts of America Vote to Allow Gay Members 456 Comments
- Anti-Gay Bias or Fair Punishment? New Details Emerge About High School Student’s Lesbian Relationship With a Minor 339 Comments
- Piers Morgan Bans Dana Loesch From His Show Following Twitter Spat: ‘Show Some Bloody Respect’ 323 Comments
- MSNBC Hosts Martin Bashir and Chris Hayes Claim London Machete Killers Aren’t Terrorists: ‘These Are Just Murderers’ 100 Comments
- Did You Catch the Possibly Policy-Changing Ft. Hood Reference in Obama’s Terror Speech? Read More
- Dem. Rep. Apologizes for Attending ‘Racist, Anti-Semitic and Homophobic’ Speech Read More
- Church vs. State Complaint Leads City to Remove Christian Crosses on Water Tower — Now See What They’ve Been Replaced With 185 Comments
- Faith-Healing Parents Charged With Murder for Refusing Kids’ Medical Care — Should They Go to Prison? 124 Comments
- Have You Had Scotch at a NJ TGI Friday’s Lately? You Might Have Been Drinking Rubbing Alcohol Read More
- Venezuelan President Blames Toilet Paper Shortage on the Rich Read More
- This Terrible Chart Shows the Change in Food Stamp Participation Over the Last 10 Years Read More
- Disney Makes Absolutely Mortifying Photoshop Mistake Read More
- Trey Gowdy at It Again — This Time with a Jack Bauer Reference! 116 Comments
- 6 Fascinating Spy Gadgets You’ll Probably Want (and Can Have) After Seeing Read More
- How Would a 3D-Printed Shotgun Slug Hold Up? Here’s the Test Read More
- The Incredible Role Facebook Played in the Aftermath of Devastating Okla. Tornado Read More
- Tech Company Demonstrates Remote Disabling of a ‘Smart Gun’ 130 Comments
- Meet the Blind Man Nicknamed ‘Midnight Gunslinger’ Who Has 80% Shot Accuracy Read More
- Venezuela to create new workers militia
- Ex-Guatemala president extradited to US
- 6 Wyeth paintings fetch $2M at NYC auction
- Jersey shore reopens for 1st post-Sandy summer
- Ruby says her sworn statements were lies
- Barrick fined $16m for Pascua-Lama violations
- Roger Federer, always at Grand Slam tournaments
- Some unions now angry about health care overhaul