If you want to pass a bill that allows for warrant-free surveillance from the government perpetrated against United States citizens, the last thing you’d want to call it is a surveillance bill. The answer from the United States Senate was simple. They called it a cybersecurity bill and passed it with as little fanfare and attention as possible.
In case you want to know who passed CISA, Techdirt has you covered.
— Tim Ney (@timocity) October 28, 2015
This is not going to make you safer regardless of how the government tries to position it. In fact, it will slow down the ability of companies to defend your privacy or protect you from cyberattacks. The reason is because CISA offers two possible actions. Either the companies can work to fight cyberthreats, or they can allow the cyberthreats to work out and pass the information off to the government. They are protected with the second scenario; there’s nothing that a citizen or the government can do to them if they comply by giving cyberthreat data (and therefore your data) over to the government.
On the other hand, if they take action to stop it, they can be held liable by you and by the government. Why would they put themselves at risk? Rather than try to fight it, they will pass it off to the government and hope that they will try to fight it. They won’t. Instead, they will learn from it and defend against future attacks. That’s the strategy that they United States government is using. This passive approach to security goes against privacy for a reason.
Keep in mind that the fringe benefit of collecting your personal information is just as important to them as protecting you from the cyberthreats in the first place.
The right way to do it is to empower companies and even give them benefits for taking actions that protect your data from everyone, including the United States government. That would defend you better from cyberthreats and it would defend your privacy from prying eyes. Instead of going down that road, we got CISA.
Congratulations, Senate. You beat us.