Menu
Congress moves forward on cyberthreat sharing bill despite privacy concerns

Congress moves forward on cyberthreat sharing bill despite privacy concerns

The House may vote this week on a bill that would allow shared cybertheat information to be passed to the NSA and law enforcement agencies

The U.S. House of Representatives may vote on a controversial cyberthreat information sharing bill this week, despite major privacy concerns from many digital rights groups and security researchers.

The Protecting Cyber Networks Act "seriously threatens privacy and civil liberties, and would undermine cybersecurity, rather than enhance it," said a letter sent this week by 55 digital and civil liberties groups, security researchers and academics.

The PCNA, one of two cybersecurity bills that the House may vote on this week, would come to the House floor about a month after it was introduced, an unusually fast process for legislation. Without holding any public hearings on the bill, the House of Representatives Intelligence Committee voted to approve the bill in late March, just two days after it was introduced.

The bill would protect from consumer lawsuits those companies that share cyberthreat information with each other or with government agencies. Proponents of the cyberthreat information-sharing bills, including many tech companies, argue that more sharing of cyberthreat information can help businesses better respond to attacks, but victims of cyberattacks need assurances that information sharing won't lead to legal problems.

But the bill would also authorize companies to expand their monitoring of users' or customers' online activities and permit them to share "vaguely defined" cyberthreat indicators, said the letter from bill opponents, including the American Civil Liberties Union, Free Press, the Electronic Frontier Foundation and the New America Foundation's Open Technology Institute.

The PCNA would also require federal agencies to share all cyberthreat indicators they receive with the U.S. National Security Agency and any other agencies, and would allow law enforcement agencies to use the shared information for several crimes and activities that "have nothing to do with cybersecurity," the letter said.

The bill would also allow companies to deploy "invasive countermeasures, euphemistically called defensive measures," the letter said. Those defensive measures could harm innocent people not involved in cyberattacks and could undermine cybersecurity, the groups said.

While the digital rights and civil liberties groups oppose the bill, three telecom industry trade groups wrote Congress in support of it. The PCNA, along with another cyberthreat information sharing bill being considered by the House, "would provide critically important authorizations for real-time sharing" among private companies and between private companies and the government, said the letter, from CTIA, the National Cable and Telecommunications Association and the United States Telecom Association.

The bills will resolve "legal uncertainties" that prevent companies from sharing cyberthreat information quickly, the groups said.

The House Intelligence Committee has defended the PCNA, disputing allegations that it's a surveillance bill as much as a cybersecurity bill.

The bill does not require companies to share information, only allows voluntary sharing, the committee said in a fact sheet about the PCNA.

"The bill has nothing to do with government surveillance; rather, it provides narrow authority for the government and the private sector to share anonymous cyber threat information," according to the fact sheet. "The bill expressly does not give authority to companies to send information directly to the NSA or the military."

A second cyberthreat sharing bill that may come to the House floor has fewer privacy concerns attached to it. In addition to the PCNA, the House may also vote on the National Cybersecurity Protection Advancement Act this week.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is grant_gross@idg.com.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags New America Foundationfree pressNational Cable and Telecommunications AssociationU.S. National Security AgencylegislationprivacyElectronic Frontier FoundationAmerican Civil Liberties UnionUnited States Telecom AssociationsecurityU.S. House of RepresentativesctiaDesktop securityencryptiongovernmentdata protection

Featured

Slideshows

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow Electronics introduced Tenable Network Security to local resellers in Sydney last week, officially launching the distributor's latest security partnership across Australia and New Zealand. Representing the first direct distribution agreement locally for Tenable specifically, the deal sees Arrow deliver security solutions directly to mid-market and enterprise channel partners on both sides of the Tasman.

Arrow exclusively introduces Tenable Network Security to A/NZ channel
Examining the changing job scene in the Kiwi channel

Examining the changing job scene in the Kiwi channel

Typically, the New Year brings new opportunities for personnel within the Kiwi channel. 2017 started no differently, with a host of appointments, departures and reshuffles across vendor, distributor and reseller businesses. As a result, the job scene across New Zealand has changed - here’s a run down of who is working where in the year ahead…

Examining the changing job scene in the Kiwi channel
​What are the top 10 tech trends for New Zealand in 2017?

​What are the top 10 tech trends for New Zealand in 2017?

Digital Transformation (DX) has been a critical topic for business over the last few years and IDC is now predicting a step change as DX reaches macroeconomic levels. By 2020 a DX economy will emerge and it will become the core of what New Zealand industries focus on. From the board level through to the C-Suite, Kiwi organisations must be prepared to think and act digital when the DX economy emerges in 2017.

​What are the top 10 tech trends for New Zealand in 2017?
Show Comments