By Robert Epstein |
There is a need for cybersecurity legislation, but CISPA—an overly broad bill that lacks restrictions on government abuse—is not the right way to achieve it.
CISPA allows companies to voluntarily share information pertaining to suspected attacks on their networks with other companies and the government. Operators of networks have said they need clearer legal authority to share this information. However, there are three major problems with how CISPA would allow Internet users' information to be shared and used.
On top of this, CISPA supersedes all other privacy laws. If privacy protections for Internet users aren't built into the bill, they simply don't exist.
Legislation that secures networks can be achieved without posing these threats—an important first step is to narrow the language.
The authors of CISPA have made some positive changes recently. Unfortunately, none of the changes gets to the heart of the privacy concerns that Internet users and advocacy groups have expressed. The Center for Democracy & Technology is still hopeful that major problems with the bill can be addressed before it goes to a vote next week—if they aren't, Congress should reject CISPA.
About Kendall Burman Senior National Security Fellow at the Center for Democracy & Technology
Mike Rogers Chairman of the House Permanent Select Committee on Intelligence