[Libs-Or] Urgent: Help Rebury “Zombie” Cybersecurity Bill

Mon Jul 27 14:57:00 PDT 2015

http://www.districtdispatch.org/2015/07/senate-cybersecurity-bill-attacks-civil-liberties/

Urgent: Help Rebury “Zombie” Cybersecurity Bill

Posted by: Adam Eisgrau
<http://www.districtdispatch.org/author/adameisgrau/> July 27, 2015 in
Cybersecurity <http://www.districtdispatch.org/category/cybersecurity/>,
Legislation <http://www.districtdispatch.org/category/legislation/>, OGR
<http://www.districtdispatch.org/category/ogr/>

It’s back to the “barricades” for librarians and our many civil liberties
coalition allies. Just over a year ago, District Dispatch sounded the alarm
<http://www.districtdispatch.org/2014/06/dangerous-zombie-cybersecurity-legislation-lives-senate/>
about the return of privacy-hostile “cybersecurity” or “information
sharing” legislation. Again dubbed a “zombie” for its ability to rise from
the legislative dead, the current version of the bill
<https://www.congress.gov/114/crpt/srpt32/CRPT-114srpt32.pdf> (S. 754) goes
by the innocuous name of the “Cybersecurity Information Sharing Act
<https://www.congress.gov/bill/114th-congress/senate-bill/754?q=%7b%22search%22%3A%5b%22\%22s754\%22%22%5d%7d>”
. . . but “CISA” is anything but. As detailed below, not only won’t it be
effective as advertised in thwarting cyber-attacks, but it de facto grants
broad new mass data collection powers to many federal, as well as state and
even local, government agencies!

CISA was approved in a secret session last March by the Senate Intelligence
Committee. In April, ALA and more than 50 other organizations, leading
cybersecurity experts and academics called on Congress to fix its many
flaws in a detailed letter
<http://www.constitutionproject.org/wp-content/uploads/2015/04/Coaltion-Letter-Strongly-Opposing-PCNA.pdf>.
Since then, S. 754 hasn’t had a single public hearing in this Congress.
Nonetheless, Senate Majority Leader Mitch McConnell (R-KY) is pushing for
a vote
<https://www.techdirt.com/articles/20150714/07144731632/senate-once-again-looks-to-bring-back-cisa-surveillance-expansion-bill-pretending-cybersecurity-bill.shtml>
on S. 754 by the full Senate right *now*, before the Senate breaks for its
summer recess in a matter of days. Sadly, unless we can stop it, this
dangerously and heavily flawed bill looks to be headed for passage even if
not amended at all.

Touted by its supporters as a means of preventing future large-scale data
breaches like the massive one just suffered by the federal government’s
Office of Personnel Management, leading security experts
<http://www.csmonitor.com/World/Passcode/2015/0612/Security-pros-Cyberthreat-info-sharing-won-t-be-as-effective-as-Congress-thinks>
argue that CISA actually won’t do much, if anything, to prevent such
incursions . . . and many worry that it could make things worse
<https://cyberlaw.stanford.edu/files/blogs/technologists_info_sharing_bills_letter_w_exhibit.pdf>.
As detailed by our compatriots at New America’s Open Technology Institute
<https://static.newamerica.org/attachments/2741-cybersecurity-information-sharing-act-of-2015-is-cyber-surveillance-not-cybersecurity/CISA_Cyber-Surveillance.488b3a9d2da64a27a9f6f53b38beb575.pdf>
and the Center for Democracy and Technology
<https://cdt.org/blog/how-the-opm-hack-demonstrates-the-need-to-improve-cisa/>,
what it will do is create incentives for private companies and the
government to widely share huge amounts of Americans’ personally
identifiable information that will itself then be vulnerable to
sophisticated hacking attacks. In the process, the bill also creates
massive exemptions from liability for private companies under every major
consumer privacy protection law now on the books.

Your collected personal information would be shared *instantly* under the
bill among many federal agencies including the Office of the Director of
National Intelligence, the Department of Defense, NSA and the Department of
Justice. Worse yet, it also would be shared with garden variety law
enforcement entities at every level of government. None of them would be
required to adequately restrict how long they can retain that personal
information, or limit what kinds of *non-cyber* offenses the information
acquired could be used to prosecute. If enacted, that would be a sweeping
“end run” on the Fourth Amendment and, in effect, make CISA a broad new
surveillance bill.

CISA also allows both the government and private companies to take rapid
unilateral “countermeasures” to retaliate against perceived threats, which
may disable or disrupt many computer networks, including for example a
library system’s or municipal government’s, believed to be the source of a
cyber-attack.

With all of its defects and dangers, it’s no wonder that CISA’s been
labelled a “zombie!” Now, it’s time for librarians to rise again, too . . .
to the challenge of once more stopping CISA in its tracks. This time
around, ALA has partnered with more than a dozen other national groups to
do it in a way so old its novel again: sending Senate offices thousands . .
. of *faxes*.

Courtesy of our friends at AccessNow.org, you can join this retro campaign
to protect the future of your privacy by delivering a brief, pre-written
message online with just a single mouse click at www.stopcyberspying.com
now! (If you prefer, you’ll also have the option of writing your own
message.)

Together we can stop CISA one more time, but votes could happen anytime
now. Please act today!

* Additional Information and Resources*

AccessNow.org
<https://www.accessnow.org/blog/2015/07/27/join-access-in-a-week-of-action-opposing-cyber-surveillance-stopcisa>

American Civil Liberties Union
<https://www.aclu.org/search/%20?f%5b0%5d=field_issues%3A104>

Center for Democracy and Technology
<https://cdt.org/issue/security-surveillance/cybersecurity-2/>

New America’s Open Technology Institute
<https://www.newamerica.org/oti/cybersecurity-information-sharing-act-of-2015-is-cyber-surveillance-not-cybersecurity/>

StopCyberSpying.com <https://www.stopcyberspying.com/>

http://www.districtdispatch.org/2015/07/senate-cybersecurity-bill-attacks-civil-liberties/

-- 
*Diedre Conkling*

*Lincoln County Library DistrictP.O. Box 2027Newport, OR 97365Phone & Fax:
541-265-3066Work email**: **diedre at lincolncolibrarydist.org*
<diedre at lincolncolibrarydist.org>
*Home email: **diedre08 at gmail.com* <diedre08 at gmail.com>

 “If you don't like something, change it. If you can't change it, change
your attitude.”―Maya Angelou
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omls.oregon.gov/pipermail/libs-or/attachments/20150727/ef85aa96/attachment.html>