Why Do Senators Keep Lying About What CISA Would Be Used For?

from the liar-liar dept

“If these special interest groups are successful in mischaracterizing this bill, which authorizes purely voluntary sharing, they will only succeed in allowing more personal information to be compromised to criminals and foreign countries.”



The Intelligence panel leaders urged action on the bill following a breach that might have exposed private data for 15 million current and prospective T-Mobile customers.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

We keep asking if the politicians supporting CISA -- the "Cybersecurity Information Sharing Act" can explain just what security breaches it would have stopped -- and they can't. Because the answer is that it wouldn't have stopped any of them. And yet, the politicians pushing CISA never seem to waste an opportunity tothat each new big computer hack would have been stopped if only CISA had been in place. A few months ago it was the OPM hack and, now, apparently it's the T-Mobile/Experian hack Both Senators Richard Burr and Dianne Feinstein (the two leading members of the Senate Intelligence Committee from each party) have been taking swings at anyone who won't support the bill , and have cited the T-Mobile customer breach as a reason to support it:Of course, thethat the customer data was exposed has nothing to do with CISA, which would not have stopped that breach. It had to do with Experian screwing up their encryption. If Feinstein and Burr really wanted to encourage better cybersecurity, they'd be encouraging greater encryption.And they're not being truthful in the rest of their statement. As far as I've seen, most of the people opposing CISA are happy to admit that it's about "voluntary" sharing of information -- but they note that by taking away all liability from companies for sharing info, companies have greatly decreased incentives to protect user privacy.And, also, all of this totally leaves out thereason behind CISA. As was revealed this past summer, the NSA uses "cybersignatures" as selectors in searching through all of the upstream (backbone) traffic that it sniffs. Given that, what the NSA is really looking for arein order to be able to sniff out many more things.And guess what CISA would do? That's right, create incentives for companies to give "cybersignatures" to the NSA.This is almost certainly why Senator Ron Wyden made it clear that CISA is a surveillance bill in disguise, because it would play right into the hands of the NSA, by giving it a way to snoop on even more communications after convincing companies to hand over "cybersignatures" that it can then use to sniff through everyone's internet traffic.Yes, CISA is "voluntary." But it's totally about surveillance, not cybersecurity, and nothing in CISA would have prevented the T-Mobile hack or the OPM hack or any other hack. For Feinstein and Burr to suggest otherwise is totally disingenuous fluff, designed to mislead the American public and to support the NSA.

Filed Under: cisa, cybersecurity, cybersignatures, dianne feinstein, nsa, richard burr, ron wyden, surveillance, t-mobile hack

Companies: experian, t-mobile