US Senate Passes Controversial Bill to Collect “Sensitive Personal Data”
On October 27, the US Senate overwhelmingly passed the controversial Cybersecurity Information Sharing Act (CISA) in a 74-21 vote. This bill will allow the government and various enforcement agencies to legally surveil and access sensitive personal data.
The announcement aggravated the tech community, receiving widespread criticism from industry heavyweights, tech analysts and influential figures including American privacy activist and former government contractor Edward Snowden and the Washington-based Computer & Communications Industry Association (CCIA).
“CCIA is unable to support CISA as it is currently written. CISA’s prescribed mechanism for sharing of cyber threat information does not sufficiently protect users’ privacy or appropriately limit the permissible uses of information shared with the government,” the group stated in an open letter.
Initially, the bill was drafted by the Senate Select Committee on Intelligence after Sony and Target’s massive data breaches earlier this year. By law, it demands companies to automatically transfer data to the National Security Agency, FBI and local enforcement agencies, organizations with poor records of retaining secure data.
New York’s BitLicense demanded a similar requirement of startups, causing the closure of prominent bitcoin startups such as instant cryptocurrency exchange Shapeshift.io.
However, bitcoin companies have the option to shut down their operations in New York and operate elsewhere in the U.S. CISA, on the other hand, applies to every technology company across the country, including internet and social media giants Twitter and Salesforce, which strongly spoke out against the bill.
“At Salesforce, trust is our number one value and nothing is more important to our company than the privacy of our customers’ data. Contrary to reports, Salesforce does not support CISA and has never supported CISA,” stated Salesforce Chief Legal officer Burke Norton.
The Twitter team announced that the company will not be supporting CISA due to fundamental flaws in its writing. “Security+privacy are both priorities for us and therefore we can’t support #CISA as written. We hope to see positive changes going forward,” announced Twitter.
The fundamental problem with CISA is its failure to address core problems which often result in data breaches or successful hacking attacks, including unencrypted files, un-updated servers and installations of malware. Instead of targeting these basic security measures, CISA requires companies to share personal information for purposes unrelated to cybersecurity.
In a matter of days, tech giants and privacy activists moved from refusing comply with the bill to warning its users about the danger of CISA.
“Congress is trying to pass a ‘cyber security’ bill that threatens your privacy. Join us & others to oppose,” warned Yelp on Twitter.
Edward Snowden went on to publicize the names of Senators who voted for CISA. He announced on Twitter, “Here are the names of the Senators who voted against your rights on #CISA. Is yours on the list? Share their names.”