White House Preparing Executive Order As A Stand-In For CISPA

from the doing-something dept

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

This isn't a huge surprise -- and last month we even discussed the possibility , but it sounds as though the White House has decided that, with the failure of Congress to pass a comprehensive cybersecurity bill (CISPA passed in the House, but the rather different Cybersecurity Act failed in the Senate), it is going to issue some sort of executive order to deal with "cybersecurity issues."Late last week there was an awful lot of speculation over what would be, with some people arguing that it will do too much... and others arguing that it will do too little. However, late Friday, Jason Miller from Federal News Radio claimed to have seen a draft copy, and while he did not share the full copy, he did do a pretty thorough breakdown of what was in it . It sounds pretty similar to the Lieberman/Collins Cybersecurity Act -- the one that failed to gain Senate approval. The parts that concerned us the most in the bill -- concerning information sharing without real privacy protections -- appear to be in this executive order, and in some ways may be worse. While the President cannot grant liability protections for companies who share info with the government (a major concern we had), it sounds like this executive order will put tremendous pressure on companies to share info -- noting that it will begin a sort of "name and shame" program for companies who fail to take part. That seems like a recipe for a privacy disaster.The thing that I'm still waiting for is for someone (anyone?!) to lay out exactly where the problems are with current regulations in the area. We keep hearing that there's a real risk (though the only demonstration of that seems to be inflated, hyperbolic stories), and that without information sharing, the risk is much greater. But what has not been shown by anyone, in either Congress or the administration, is why the necessary sharing can't happen under existing laws today. They just keep saying it can't but refuse to point to the specific things that are causing those problems today. That's what makes me most nervous about all of this. When those in power can't fully articulate, it seems reasonable to be quite worried about. It makes it way too easy for that "solution" to be much too broad and cause all sorts of collateral damage.

Filed Under: cybersecurity, information sharing, obama administration, privacy, white house