On Tuesday, October 27, the Senate passed the Cybersecurity Information Sharing Act (CISA) on a vote of 74-21 (roll call here). Civil liberties, consumer rights, and privacy groups have been fighting against similar legislation, and defeating it for over five years. Today’s vote comes despite the opposition of tech companies, cyberlaw professors, and hundreds of thousands of everyday people who called, emailed, and even faxed their lawmakers in protest.
“Congress just can’t seem to help itself from rushing in with fake solutions to flood the government with our private information in the vain hope of stopping something bad,” said Sue Udry, Executive Director of the Bill of Rights Defense Committee/Defending Dissent Foundation (BORDC/DDF).
“Members of Congress who voted for CISA can’t explain how the bill will protect us from cyber attacks, because it won’t,” Udry said. “Instead, the bill offers a “you scratch my back, I’ll scratch yours” deal between corporations and the government that encourages corporations to share massive amounts of private customer information with the government in exchange for legal immunity from lawsuits. No wonder the Chamber of Commerce supports it.”
Beyond the harmful data-sharing provisions, the bill neutralizes the Freedom of Information Act by giving the Senate Select Committee on Intelligence jurisdiction over responses to FOIA requests. This sets a dangerous precedent for further undermining FOIA at the intelligence community’s will. Senator Leahy (D-VT) introduced an amendment to mitigate that provision, which did not pass.
The House of Representatives passed the Protecting Cyber Networks Act in April, differences between the bills will have to be resolved by a conference committee of Senate and House members.