Today, the Senate voted to pass the Cybersecurity Information Sharing Act (CISA) 74 to 21.
CISA is a surveillance bill masquerading as a cybersecurity bill.
Here’s the Center for Democracy & Technology on why the bill is dangerous to civil liberties:
-
Requires that any Internet user information volunteered by a company to the Department of Homeland Security for cybersecurity purposes be shared immediately with the NSA, other elements of the Intelligence Community, with the FBI/DOJ, and many other Federal agencies – a requirement that will discourage company participation in the voluntary information sharing scheme envisioned in the bill;
-
Risks turning the cybersecurity program it creates into a backdoor wiretap by authorizing sharing and use of CTIs (cyber threat indicators) for a broad array of law enforcement purposes that have nothing to do with cybersecurity;
-
Authorizes cybersecurity “countermeasures” that would violate the Computer Fraud and Abuse Act and cause harm to others;
-
Will have unintended consequences – it trumps all law in authorizing companies to share user Internet communications and data that qualify as “cyber threat indicators;”
-
Does nothing to address conduct of the NSA that actually undermines cybersecurity, including the stockpiling of zero day vulnerabilities.
CISA would also notably provide full legal immunity to corporations that share data with the federal government in violation of privacy contracts or user agreements, rendering such documents meaningless.
Our two senators, Elizabeth Warren and Ed Markey, voted against CISA, and throughout the whole voting process, they both consistently cast a vote on the civil libertarian side.
What did this entail, besides voting against final passage?
Voting against the cloture motion on Thursday.
Voting for Rand Paul’s amendment to prohibit liability immunity from applying to private entities that break user or privacy agreements with customers.
Voting for Ron Wyden’s amendment to requires all entities sharing cyber threat indicators to remove personally identifiable information not necessary to describe or identify a cyber threat.
Voting for Dean Heller’s amendment to require federal entities to remove personally identifiable information if they “reasonably believe” it is not directly related to cybersecurity. (This amendment was weaker than Wyden’s and was intended as an alternative if Wyden’s did not pass.)
Voting for Pat Leahy’s amendment to strike the blanket FOIA exemption in the bill.
Voting for Al Franken’s amendment to narrow the definitions of cybersecurity threats and cyber threat indicators.
Voting for Chris Coons’s amendment to require DHS to remove personally identifiable information not necessary to identify or describe a cybersecurity threat before sharing a cyber threat indicator.
Voting against Tom Cotton’s amendment to permit companies to share cyber threat information with the FBI and Secret Service.
There are good descriptions of all of these on the CDT link above.
Warren and Markey were among a group of 12 senators (all of the Democratic caucus) who consistently cast pro-civil liberties votes here. In New England, they were joined by Bernie Sanders and Pat Leahy of Vermont here.
…I don’t like when our side votes against cloture motions either.
This was not too hot of a topic on the presidential campaign trail, but the breakdown seems to be:
Dems
Sanders – opposed (and voted against the final bill)
O’Malley – supported CISA (at least in June)
Clinton – Has not responded to questions re: CISA.
(Biden supported CISA)
Repubs
No candidates came out against CISA except Rand Paul.
Paul, Cruz, Rubio, and Graham did not vote on the final bill.
Bush and Fiorina explicitly supported it.
O’Malley also expressed his support in the last debate. I can’t remember if Clinton did, too. I feel like she did, but I don’t remember it as well as I do O’Malley’s response.
Rubio voted for it in Committee. Paul voted against cloture last Thursday and has expressed opposition, but the self-proclaimed defender of liberty apparently didn’t see it as important enough to show up to vote against it.
I maintain the congressional surveillance scorecard at http://www.DecideTheFuture.org, and was just updating it with the CISA votes last Thursday.
Warren did not actually vote for the Coons amendment, perhaps because she preferred other amendments. Markey did slightly better, and did vote exactly as described. On the whole I’m proud of our delegation, though Kennedy and Moulton are bad on this issue and Keating is not terrific on it either.
The anti-CISA votes were not all Democrats. Sen. Paul (R-KY) voted against cloture, and several Republicans (Crapo, Daines, Heller, Lee, Risch and Sullivan) voted against final passage (Paul did not vote on final passage because he was in debate preparation). Of these, Daines, Heller, Lee and Paul had a substantial record of good votes on surveillance issues.
On the presidential candidates, we’re working on adding a compendium of candidate statements. What I can tell you is that on the Democratic side, Sanders is strongly anti-surveillance; Clinton and O’Malley are tepidly in favor of the surveillance state. And in case BMG readers are interested, it’s not only Paul on the Republican side: Carson, Cruz and Huckabee are all at least somewhat skeptical of the surveillance state.
If you’d like to get involved in this or in our other projects, you’re welcome to message me.
Alex.
The biological metaphor is appropriate here. Organisms evolve because natural selection, driven by the local environment, favors organisms that do well in that environment and suppresses organisms that do not.
Our job is to change the political environment so that Ms. Clinton and Mr. O’Malley, at least, end their support for the surveillance state. We must make it politically untenable for them to continue doing what they’ve done in the past.