CISPA advancement stymied by potential public blowback of NSA leaks
Friday, June 28, 2013 @ 3:48pm
| The NSA spy program leaks have had some unintended consequences -- the Cyber Intelligence Sharing and Protection Act (CISPA) appears to be meeting significant resistance on its way to becoming law. US legislators have chosen to delay advancing cybersecurity legislation until September, and possibly later, to assess colleague and constituent support for the controversial bill.
"There’s very little faith in the institutions of government right now," said Representative Tom Cole (R-OK). "If you look like you’re not sufficiently critical and sufficiently vigilant in defending people’s liberties, I think they’ll express that at the polls."
Chairman of the House Homeland Security Committee Michael McCaul (R-TX) said that disclosure of the extensive NSA monitoring program known as PRISM "probably couldn’t have come at a worse time" to allow CISPA to advance. The core principles of CISPA focus on information sharing between private companies and government agencies. The language is specifically related to Internet and technology threats, such as malicious software and hacking attacks.
Proponents argue that such legislation is necessary to protect against cyber attacks, quickly providing relevant data to enforcement agencies tasked with responding to threats. Critics claim the language ignores existing privacy guarantees and lacks oversight, enabling agencies to collect a broad range of personal data about law-abiding users.
After passing the 2012 House vote, the initial bill did not make it to a floor vote in the Senate. It remains unclear if the 2013 bill will face the same fate especially given the new delays, though the White House has implied that President Obama is willing to block it if it passes.
Senator Dianne Feinstein (D-CA) believes that legislation such as CISPA is needed "to ensure that voluntary information sharing is lawful," Feinstein said an emailed statement to Bloomberg. However, she qualified her support by saying that any such law should include liability for companies who abuse the data collected, and privacy protections for citizens.