Modern field guide to security and privacy

Cybersecurity pros slam threat information-sharing bills

Sixty-five cybersecurity professionals and academics have asked Congress to reject three versions of information-sharing bills over privacy concerns.

|
Joshua Roberts/Reuters
Sen. Dianne Feinstein (D) of Calif., vice chairman of the Senate Intelligence Committee, is among the members of Congress security professionals are urging to reject pending information-sharing legislation.

More than 65 cybersecurity professionals and academics have come out against a trio of bills moving through Congress that are meant to enable information sharing about digital threats between businesses and the government. 

In a letter sent today to ranking members of the House and Senate Intelligence Committees and the chair of the House Homeland Security Committee, they are urging Congress reject the controversial Cybersecurity Information Sharing Act and two similar bills.

"We do not need new legal authorities to share information that helps us protect our systems from future attacks," they wrote. "Generally speaking, security practitioners can and do share this information with each other and with the federal government while still complying with our obligations under federal privacy laws."

The signatories of the letter take issue with the potential privacy implications of the bills. "The bills weaken privacy law without promoting security," they said in the letter

This is not the first time the information sharing bills have been criticized by privacy advocates. Previously, critics have argued that an information sharing law could expose even more personal data held by tech companies to agencies such as the National Security Agency or to the FBI.

In order to support an information sharing bill, they have asked that it contain the following elements:

  1. "Narrowly define the categories of information to be shared as only those needed for securing systems against future attacks;
  2. Require firms to effectively scrub all personally identifying information and other private data not necessary to identify or respond to a threat;
  3. Not allow the shared information to be used for anything other than securing  systems."

Signatories include representatives from technology and security companies such as Amazon, Cisco, Twitter, Rapid7, and Veracode, as well as academics from the University of California at Berkeley, the Massachusetts Institute of Technology, and Yale University.

 

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to Cybersecurity pros slam threat information-sharing bills
Read this article in
https://www.csmonitor.com/World/Passcode/2015/0416/Cybersecurity-pros-slam-threat-information-sharing-bills
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe