Cross posted from The Stars Hollow Gazette
The Senate will not vote on the Cyber Intelligence Sharing and Protection Act, CISPA, that was passed by the House last week.
Sen. Jay Rockefeller (D-W.V.), who is chairman of the Senate Commerce Committee, “believes that information sharing is a key component of cybersecurity legislation, but the Senate will not take up CISPA,” a committee staffer told HuffPost.
A staffer for the Senate Intelligence Committee said the committee also is working on an information-sharing bill and will not take up CISPA.
“We are currently drafting a bipartisan information sharing bill and will proceed as soon as we come to an agreement,” Sen. Dianne Feinstein (D-Calif.), chairwoman of the Senate Intelligence Committee, said in a statement Thursday.
CISPA Is ‘Dead for Now,’ Thanks to a Left-Right Coalition for Online Privacy
by John Nichols, The Nation
What brings the most seriously libertarian Republican in the US House, Michigan’s Justin Amash, together with Congressional Progressive Caucus co-chair Keith Ellison, D-Minnesota?
What unites long-time Ronald Reagan aide Dana Rohrabacher, R-California, with liberal firebrand Alan Grayson, D-Florida?
What gets steadily conservative former House Judiciary Committee chair James Sensenbrenner, R-Wisconsin, together with progressive former House Judiciary Committee chair John Conyers Jr., D-Michigan?
The Fourth Amendment to the Constitution, which has for 222 years promised that “the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”
That’s an old commitment that members of Congress swear an oath to uphold. [..]
CISPA actually won 288 “yes” votes in the House, but the 127 “no” votes-coming from principled members on both sides of the aisle-sent a strong message to the more deliberative Senate. In combination with a grassroots campaign spearheaded by tech-savvy privacy activists and a threatened veto by President Obama, the bipartisan House opposition appears to have convinced Senate leaders have signaled that they plan to put the legislation on hold. The American Civil Liberties Union on Thursday suggestion that CISPA looks to be “dead for now.”
ACLU: CISPA Is Dead (For Now)
By Jason Koebler, US News
The Senate will not take up the controversial cybersecurity bill, is drafting separate legislation
“I think it’s dead for now,” says Michelle Richardson, legislative council with the ACLU. “CISPA is too controversial, it’s too expansive, it’s just not the same sort of program contemplated by the Senate last year. We’re pleased to hear the Senate will probably pick up where it left off last year.”
That’s not to say Congress won’t pass any cybersecurity legislation this year. Both Rockefeller and President Obama want to give American companies additional tools to fight back against cyberattacks from domestic and foreign hackers.
But cybersecurity legislation in the Senate, such as the Cybersecurity and American Cyber Competitiveness Act of 2013, has greater privacy protections than CISPA does. Richardson says that bill makes it clear that companies would have to “pull out sensitive data [about citizens]” before companies send it to the government and also puts the program under “unequivocal civilian control,” something CISPA author Rep. Mike Rogers, R-Mich., was unwilling to do.
Even if the Senate gets something done, Rogers and other CISPA supporters will likely have to compromise more than they’ve been willing to over the past year as Obama has made it clear he will veto legislation that doesn’t have more privacy protections.
CISPA Is Dead. Now Let’s Do a Cybersecurity Bill Right
by Julian Sanchez, Wired
Americans have grown so accustomed to hearing about the problem of “balancing privacy and security” that it sometimes feels as though the two are always and forever in conflict – that an initiative to improve security can’t possibly be very effective unless it’s invading privacy. Yet the conflict is often illusory: A cybersecurity law could easily be drafted that would accomplish all the goals of both tech companies and privacy groups without raising any serious civil liberties problems.
Few object to what technology companies and the government say they want to do in practice: pool data about the activity patterns of hacker-controlled “botnets,” or the digital signatures of new viruses and other malware. This information poses few risks to the privacy of ordinary users. Yet CISPA didn’t authorize only this kind of narrowly limited information sharing. Instead, it gave companies blanket immunity for feeding the government vaguely-defined “threat indicators” – anything from users’ online habits to the contents of private e-mails – creating a broad loophole in all federal and state privacy laws and even in private contracts and user agreements.
Given that recent experience has shown companies shielded by secrecy often err on the side of oversharing with the government, that loophole was a key concern. So why the gap between what the law permits and its supporters’ aims?
It’s a principle wonks call tech neutrality. Nobody wants to write a bill that refers too specifically to the information needed to protect current networks (like “Internet Protocol addresses” or “Netflow logs”) since technological evolution would render such language obsolete over time.