Cybersecurity Information-Sharing Bill Heading for Approval in Senate
This means that passage of CISA by both houses so it's soon ready for the president's signature remains questionable and will likely take an uncertain about of time. While the Senate will almost certainly pass CISA, that's where any certainty ends. There are many bills that have been passed by one house or other in Congress, but which have never even been considered by the other. This will give the anti-CISA lobbyists some hope beyond this week. But looking beyond just the passage of this particular bill, the issue of CISA presents a larger problem. On one hand, cyber-security has become one of the most controversial public policy issues of our time. As cyber-criminals get bolder, as nation-state-sponsored spying becomes ubiquitous, as losses grow and threats to citizens become greater, something clearly has to be done. To accomplish much of anything, disparate companies and government agencies need to share information as they work to fight the breaches.The U.S. Department of Justice, in its zeal to extend its power internationally, seems to have either forgotten the Fourth Amendment to the Constitution or it has found it too much of a roadblock as it ignores clear laws and international treaties prohibiting data searches it's trying to force Microsoft to carry out. It seems that the Justice Department would breach the Constitution that allows it to exist simply because it includes some inconvenient provisions. Is there any doubt why opponents to CISA are not persuaded by the promises of its backers? Unfortunately, the sharing of cyber-security information in near-real time is really important to the success of any credible effort to at least keep terrorists, cyber-spies and criminals at bay. With the technical capabilities and thus the information needed to effectively counter a cyber-attack, there's some hope of at least slowing down the occurrence of future cyber-attacks. Without that ability, those criminals can basically have their way with all of us. The problem is striking a balance between giving government access to data while maintaining some semblance of Constitutionally guaranteed privacy rights. And this explains the opposition. Perhaps it's time the House decides to write its own cyber-security bill, but this time to design in privacy protections from the ground up.
But here, the challenge is how to keep the solution from being worse than the problem. Do you dare to share personal information with other companies and the government without knowing for sure what may happen to it? The CISA bill as written contains some important safeguards, and many of the amendments would seem to fill most of the other gaps. But will that work?