Not CISPA: Revised Senate cybersecurity bill praised by civil liberty advocates

CSA, CISPA will die without vote by July, says Lieberman

Concerns over cybersecurity legislation in Congress have lessened with the introduction of a revamped bill called the Cybersecurity Act of 2012, which citizen advocacy groups say better respects Web users’ privacy and civil liberties than any earlier cybersecurity bill, including the House-passed Cyber Intelligence Sharing and Protection Act (CISPA).

The Cybersecurity Act of 2012 (S.3414) is backed by a bipartisan group of five senators. President Obama has also voiced his support for the bill. The legislation was introduced by Sens. Joe Lieberman (I-CT) and Susan Collins (R-ME), both of whom drafted earlier versions, called the Cybersecurity Act.

The revised cybersecurity bill would provide protections for critical infrastructure systems, and create a new, multi-agency council, called the National Cybersecurity Council (NCC), which would assess risks and vulnerabilities related to U.S.-based computer systems. It would also open more legal avenues for the sharing of information between the Federal government and U.S. businesses.

Unlike the earlier version, the Cybersecurity Act of 2012 does not require companies that run critical infrastructure networks, like water supply, electrical grids, or air traffic control systems, meet specific government-mandated security requirements. Instead, it will establish a voluntary program for the protection of critical infrastructure, through which participating companies can provide evidence that they are meeting certain cybersecurity standards on their networks in exchange for incentives. The cybersecurity guidelines would be set by private-sector groups, but would have to be approved by the NCC.

The exclusion of government-mandated security benchmarks was one of the primary requirements made by Republicans in the Senate, who said they would not vote for a bill that included more government regulation.

“While the bill we introduced in February is stronger, this compromise will significantly strengthen the cybersecurity of the nation’s most critical infrastructure and with it our national and economic security,” Lieberman told The Hill. “We responded after the 9/11 attacks to improve our security. Now we must respond to this latest challenge before a cyber 9/11 occurs.”

More important for the average Web user are changes made for privacy and civil liberty purposes. They are:

  • Restricted sharing between government agencies: The new Lieberman-Collins bill guarantees that only civilian organizations — rather than military ones, like the National Security Agency — will have access to cyber-threat intelligence shared between businesses and the government.
  • Limits on types and use of data: The bill strictly limits which types of information may be shared, and restricts the types of investigations for which law enforcemtent may use the shared data. This is a drastic change from the earlier bill, which would have allowed the data to be used for almost any criminal investigation, including copyright infringement. The new legislation allows law enforcement to used shared data for: any investiagion related to a cybersecurity crime; situations that involve possible death or bodily harm; and any threat to minors, including sexual exploitation and physical threats.
  • Free speech protections: The new Lieberman-Collins bill now explicitly states that First Amendment-protected free speech does not constitute a “cybersecurity threat.” Violations of companies’ terms of service are also clearly exempt from “cybersecurity threat” status.

“The amendments address key civil liberties concerns that have dogged the cybersecurity debate. In terms of privacy, these changes make the Lieberman-Collins bill far superior to both the McCain bill and the House-passed CISPA,” said Leslie Harris, president and CEO of the Center for Democracy and Technology (CDT), in a statement. “Senator Franken and his colleagues, who pushed hard for these amendments, and the co-sponsors of the bill, deserve praise and gratitude for listening to the concerns of the privacy community.”

The Electronic Frontier Foundation (EFF), which often takes a more critical stance than the CDT on such matters, said the new Lieberman-Collins bill “drastically improves upon the previous bill by addressing the most glaring privacy concerns.” Despite this, the EFF continues to have reservations.

“Make no mistake – we remain unpersuaded that any of the proposed cybersecurity measures are necessary and we still have concerns about certain sections of the bill, especially the sections on monitoring and countermeasures,” wrote the EFF on its website. “But this was a big step in the direction of protecting online rights, and we wouldn’t be here without the support of Internet users contacting Congress in droves.”

The EFF highlights a portion of the bill that the group says “specifically authorizes companies to use cybersecurity as an excuse for engaging in nearly unlimited monioring of user data,” as well as the ability for Internet service providers (ISPs) to “block privacy-protective technologies like Tor.”

In a Wall Street Journal op-ed penned by President Obama — which published just hours after the introduction of the Cybersecurity Act of 2012 — the commander-in-chief urged Congress to pass “comprehensive cybersecurity legislation” that includes sharing provisions, as well as protections for critical infrastructure. Obama also warned of the consequences of not passing such legislation.

“It doesn’t take much to imagine the consequences of a successful cyber attack,” he wrote. “In a future conflict, an adversary unable to match our military supremacy on the battlefield might seek to exploit our computer vulnerabilities here at home. Taking down vital banking systems could trigger a financial crisis. The lack of clean water or functioning hospitals could spark a public health emergency. And as we’ve seen in past blackouts, the loss of electricity can bring businesses, cities and entire regions to a standstill.”

The Cybersecurity Act of 2012 has already been added to the Senate’s legislative calendar by Senate Majority Leader Harry Reid (D-NV), an indication that its supporters believe the bill has enough votes to pass.

To read the full text of the Cybersecurity Act of 2012, click here: pdf.

Emerging Tech

Death from above? How we’re preparing for a future filled with weaponized drones

Drones are beginning to enable everything from search & rescue, to the delivery of medicines to hard-to-reach places. But they are also being used as cheap, and deadly flying bombs. How can we defend ourselves?
Movies & TV

Stay inside this fall with the best shows on Hulu, including 'Castle Rock'

It's often overwhelming to navigate Hulu's robust library of TV shows. To help, we've put together a list of the best shows on Hulu, whether you're into frenetic cartoons, intelligent dramas, or anything in between.
Home Theater

The best movies on Netflix in October, from 'The Witch’ to ‘Black Panther’

Save yourself from hours wasted scrolling through Netflix's massive library by checking out our picks for the streamer's best movies available right now, whether you're into explosive action, subdued humor, or anything in between.
Movies & TV

The best shows on Netflix, from 'The Haunting of Hill House’ to ‘The Good Place’

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.

Carbuying can be exhausting: Here are the best used car websites to make it easier

Shopping for a used car isn't easy, especially when the salesman is looking to make a quick sale. Thankfully, there are plenty of sites aimed at the prospective buyer, whether you're looking for a sedan or a newfangled hybrid.

How to recover Google contacts

If you accidentally deleted an important person from your Google Contacts, they might not be lost forever. Recovering them is a fairly easy process -- as long as you do it quickly. Here's how.

Your ‘Do Not Track’ tool might be helping websites track you, study says

New research from the "Do Not Track" features embedded in popular browsers are being ignored, opening up the possibility of consumers having their information targeted by specific ads based on their web histories and cookies. 

Afraid that Bitcoin could be a bubble? Here's how to sell what you've got

If you're investing in cryptocurrencies, it's important to have your exit strategy in place if prices start to crash. If you've decided it's time to get out or just want to learn how to sell Bitcoins, here's how to get started.

Don't take your ISP's word for it: Here's how to test your internet speed

If you're worried that you aren't getting the most from your internet package, speed tests are a great way to find out what your real connection is capable of. Here are the best internet speed tests available today.

Feed your fandom: These are the best YouTube channels for sports lovers

If you're a cable cutter who still wants to enjoy quality sports highlights and analysis, YouTube is the place to go. There are plenty of great sports-centric channels on YouTube, each of which provides great highlights and top-shelf…
Social Media

YouTube is back after crashing for users around the world

It's rare to see YouTube suffer serious issues, but the site went down around the world for a period of time on October 16. It's back now, and we can confirm it's loading normally on desktop and mobile.

Chrome 70 is now available and won’t automatically log you in to the browser

Google has officially launched Chrome version 70 on Windows Mac and Linux. The update introduces some new Progressive Web App integrations on Windows 10 and also tweaks the much controversial auto login with Google Account feature.
Smart Home

Here’s everything you need to know about Amazon Prime Pantry

The marvels of the Internet have made it possible to do all your shopping from the comfort of your living room. Amazon Prime Pantry allows you to buy groceries and household items online. Here's more info about the service.
Social Media

Grow your Twitter audience overnight with these simple tips and tricks

Using Twitter can be intimidating, but these tips will help you feel less inadequate when you look at your follower count. As long as you use a bit of moderation, you'll soon be one step closer to social media fame.