Not CISPA: Revised Senate cybersecurity bill praised by civil liberty advocates

CSA, CISPA will die without vote by July, says Lieberman

Concerns over cybersecurity legislation in Congress have lessened with the introduction of a revamped bill called the Cybersecurity Act of 2012, which citizen advocacy groups say better respects Web users’ privacy and civil liberties than any earlier cybersecurity bill, including the House-passed Cyber Intelligence Sharing and Protection Act (CISPA).

The Cybersecurity Act of 2012 (S.3414) is backed by a bipartisan group of five senators. President Obama has also voiced his support for the bill. The legislation was introduced by Sens. Joe Lieberman (I-CT) and Susan Collins (R-ME), both of whom drafted earlier versions, called the Cybersecurity Act.

The revised cybersecurity bill would provide protections for critical infrastructure systems, and create a new, multi-agency council, called the National Cybersecurity Council (NCC), which would assess risks and vulnerabilities related to U.S.-based computer systems. It would also open more legal avenues for the sharing of information between the Federal government and U.S. businesses.

Unlike the earlier version, the Cybersecurity Act of 2012 does not require companies that run critical infrastructure networks, like water supply, electrical grids, or air traffic control systems, meet specific government-mandated security requirements. Instead, it will establish a voluntary program for the protection of critical infrastructure, through which participating companies can provide evidence that they are meeting certain cybersecurity standards on their networks in exchange for incentives. The cybersecurity guidelines would be set by private-sector groups, but would have to be approved by the NCC.

The exclusion of government-mandated security benchmarks was one of the primary requirements made by Republicans in the Senate, who said they would not vote for a bill that included more government regulation.

“While the bill we introduced in February is stronger, this compromise will significantly strengthen the cybersecurity of the nation’s most critical infrastructure and with it our national and economic security,” Lieberman told The Hill. “We responded after the 9/11 attacks to improve our security. Now we must respond to this latest challenge before a cyber 9/11 occurs.”

More important for the average Web user are changes made for privacy and civil liberty purposes. They are:

  • Restricted sharing between government agencies: The new Lieberman-Collins bill guarantees that only civilian organizations — rather than military ones, like the National Security Agency — will have access to cyber-threat intelligence shared between businesses and the government.
  • Limits on types and use of data: The bill strictly limits which types of information may be shared, and restricts the types of investigations for which law enforcemtent may use the shared data. This is a drastic change from the earlier bill, which would have allowed the data to be used for almost any criminal investigation, including copyright infringement. The new legislation allows law enforcement to used shared data for: any investiagion related to a cybersecurity crime; situations that involve possible death or bodily harm; and any threat to minors, including sexual exploitation and physical threats.
  • Free speech protections: The new Lieberman-Collins bill now explicitly states that First Amendment-protected free speech does not constitute a “cybersecurity threat.” Violations of companies’ terms of service are also clearly exempt from “cybersecurity threat” status.

“The amendments address key civil liberties concerns that have dogged the cybersecurity debate. In terms of privacy, these changes make the Lieberman-Collins bill far superior to both the McCain bill and the House-passed CISPA,” said Leslie Harris, president and CEO of the Center for Democracy and Technology (CDT), in a statement. “Senator Franken and his colleagues, who pushed hard for these amendments, and the co-sponsors of the bill, deserve praise and gratitude for listening to the concerns of the privacy community.”

The Electronic Frontier Foundation (EFF), which often takes a more critical stance than the CDT on such matters, said the new Lieberman-Collins bill “drastically improves upon the previous bill by addressing the most glaring privacy concerns.” Despite this, the EFF continues to have reservations.

“Make no mistake – we remain unpersuaded that any of the proposed cybersecurity measures are necessary and we still have concerns about certain sections of the bill, especially the sections on monitoring and countermeasures,” wrote the EFF on its website. “But this was a big step in the direction of protecting online rights, and we wouldn’t be here without the support of Internet users contacting Congress in droves.”

The EFF highlights a portion of the bill that the group says “specifically authorizes companies to use cybersecurity as an excuse for engaging in nearly unlimited monioring of user data,” as well as the ability for Internet service providers (ISPs) to “block privacy-protective technologies like Tor.”

In a Wall Street Journal op-ed penned by President Obama — which published just hours after the introduction of the Cybersecurity Act of 2012 — the commander-in-chief urged Congress to pass “comprehensive cybersecurity legislation” that includes sharing provisions, as well as protections for critical infrastructure. Obama also warned of the consequences of not passing such legislation.

“It doesn’t take much to imagine the consequences of a successful cyber attack,” he wrote. “In a future conflict, an adversary unable to match our military supremacy on the battlefield might seek to exploit our computer vulnerabilities here at home. Taking down vital banking systems could trigger a financial crisis. The lack of clean water or functioning hospitals could spark a public health emergency. And as we’ve seen in past blackouts, the loss of electricity can bring businesses, cities and entire regions to a standstill.”

The Cybersecurity Act of 2012 has already been added to the Senate’s legislative calendar by Senate Majority Leader Harry Reid (D-NV), an indication that its supporters believe the bill has enough votes to pass.

To read the full text of the Cybersecurity Act of 2012, click here: pdf.


Google Translate updated to reduce gender bias in its translations

Google is changing how Google Translate offers translations. Previously when you entered a word like doctor, Translate would offer a masculine interpretation of the word. Now, Translate will offer both masculine and feminine versions.
Movies & TV

The best shows on Netflix, from 'Haunting of Hill House’ to ‘Twilight Zone’

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.
Home Theater

The best movies on Netflix in December, from 'Buster Scruggs’ to endangered cats

Save yourself from hours wasted scrolling through Netflix's massive library by checking out our picks for the streamer's best movies available right now, whether you're into explosive action, witty humor, or anything else.

From beautiful to downright weird, check out these great dual monitor wallpapers

Multitasking with two monitors doesn't necessarily mean you need to split your screens with two separate wallpapers. From beautiful to downright weird, here are our top sites for finding the best dual monitor wallpapers for you.

Encryption-busting law passed in Australia may have global privacy implications

Controversial laws have been passed in Australia which oblige tech companies to allow the police to access encrypted messages, undermining the privacy of encryption with potentially global effects.

Can Microsoft’s Airband Initiative close broadband gap for 25M Americans?

A new report from the Federal Communications Commission (FCC) says that 25 million Americans do not have access to broadband internet. Of these, more than 19 million are living in rural communities. Can Microsoft help out?

Microsoft’s Chromium Edge browser may be adding your Chrome extensions

Fans sticking to Google Chrome because due to its vast extension library might be able to switch over to Microsoft's latest iteration of Edge, as a project manager confirms that the company has its eyes on Chrome extensions.

If you've lost a software key, these handy tools can find it for you

Missing product keys getting you down? We've chosen some of the best software license and product key finders in existence, so you can locate and document your precious keys on your Windows or MacOS machine.

Google+ continues to sink with a second massive data breach. Abandon ship now

Google+ was scheduled to shut its doors in August 2019, but the second security breach in only a few months has caused the company to move its plan forward a few months. It might be a good idea to delete your account sooner than later.
Social Media

‘YouTube Rewind 2018’ is about to become its most disliked video ever

YouTube is about to achieve a record it really doesn't want — that of "most-disliked video." Yes, its annual recap of featuring popular YouTubers has gone down really badly this year.

Want to save a webpage as a PDF? Just follow these steps

Need to quickly save and share a webpage? The best way is to learn how to save a webpage as a PDF file, as they're fully featured and can handle images and text with ease. Here's how.

5G: Why everything is about to change

Curious about the many ways 5G will change and enrich your life? Here’s our guide to all things 5G.

Firefox 64 helps keep your numerous tabs under control

Mozilla officially launched Firefox 64 by placing new features into the laps of its users including new tab management abilities, intelligent suggestions, and a task manager for keeping Firefox's power consumption under control.

Email take-backsies! Gmail's unsend feature is one of its best

Everyone has sent a message they wish they could take back. How great would it be if you could undo that impulsive email? If you're a Gmail user, you can. Here's how to recall an email in Gmail.