Monday, 28 September 2015

If shutdown is averted, cyberbill faces smooth sailing

If Congress can get past the threat of a government shutdown this week, the prospects for Senate floor action on cybersecurity legislation would brighten appreciably.

But opponents of the Cybersecurity Information Sharing Act, which is primed for Senate consideration this fall, are promising to make the process as painful as possible for senators and companies that back the legislation.

A large bipartisan majority in the House has already passed info-sharing legislation, so the Senate is now the focus of intense lobbying efforts.

How painful could opponents make it? A recent show of support for legislation on info-sharing by 13 technology companies prompted a sharp-edged social media campaign denouncing the firms for “betraying” online privacy principles.

By the middle of last week, the digital rights group Fight for the Future was claiming 15,000 “angry emails” had been sent to companies that signed a Sept. 14 letter to congressional leaders calling for action on info-sharing.

The industry letter was orchestrated by BSA/The Software Alliance and signed by Microsoft, Apple, Adobe Systems, IBM, Oracle, Siemens, Symantec, Altium, AutoDesk, CA Technologies, DataStax, MiniTab and Salesforce.

Of note, the industry letter cited the potential benefits of “cyberthreat information sharing legislation” without specifically mentioning the Senate Intelligence Committee-passed cyberbill or similar House-passed measures. Further, it buried the endorsement within a laundry list of tech-sector legislative priorities.

It was a relatively mild call for action, especially in comparison to the pro-cyberbill campaigns undertaken by the U.S. Chamber of Commerce and other industry groups. The U.S. Chamber has been going toe-to-toe with online privacy activists in the social media battle over the bill.

Many industry groups say improved information sharing among companies and between industry and government is essential to better understanding and responding to a fast-changing cyberthreat environment.

The pending cyberlegislation contains extensive elements to protect “personally identifiable information” within the sharing process, supporters say.

Tech companies risk far greater political blowback for endorsing cyberlegislation than do groups representing the energy or banking sectors, for example.

The digital rights activists were particularly offended by the declaration of support for cyberlegislation by companies like Microsoft, which famously dropped their backing for similar House legislation in previous years over privacy concerns.

Privacy groups announced they would boycott web-hosting and other services provided by companies that endorse CISA.

According to Fight for the Future, “The public backlash has come with a simple message: ‘You betrayed us.'”

The group wrote: “Fight for the Future plans to continue exposing companies that support anti-user legislation like CISA, and will work to get every popular website and tech company on the record about this crucial legislation. Many popular companies have opposed bills like CISA including Reddit, Imgur, Namecheap, WordPress and Mozilla.”

Is the social media campaign having an impact?

“Vocal minorities,” commented one Senate staffer in an office actively pushing to get the bill to the floor. “It sure hasn’t reached the level of a couple of years ago.” The source said protests pale in comparison to the online “blackout” organized in 2012 in opposition to the “Stop Online Privacy Act.”

And yet, if and when the info-sharing bill makes it to the floor, the digital rights groups’ position will be amplified by Sen. Ron Wyden, D-Ore., who delivered what amounted to a manifesto against info-sharing legislation during an early August floor speech.

Wyden said the “voluntary” info-sharing process in the bill was a sham, because individuals would have no say in whether their personal data was shared between industry and government.

The Oregon Democrat said the liability protection offered under the bill strips citizens of their right to seek legal redress when their personal information is mishandled.

And, Wyden said, leading technologists believe the bill just wouldn’t do much to improve cybersecurity.

Despite this determined opposition, it’s difficult to see opponents being able to block the bill if it does reach the floor.

Based on past comments and procedural votes, more than a dozen Democrats seem inclined to vote for an info-sharing bill as long as the process is seen as fair and senators have a chance to adjust the measure through amendments.

No more than a handful, and perhaps only two or three, Republicans are seen in the “no” camp. And the White House is encouraging Senate passage, which would lead to negotiations over a final version of the legislation.

The calendar is still probably the biggest obstacle.

The short-term government funding agreement likely to pass this week will probably carry over until Dec. 11, giving lawmakers two months to work on other legislative business as they seek a final deal on funding for the rest of fiscal 2016, which begins on Oct. 1.

The Senate has other priorities, including the defense authorization bill, highway funding, Toxic Substances Control Act reform and the assorted legislative wish-lists of 100 senators.

But Senate Majority Leader Mitch McConnell, R-Ky., and Minority Leader Harry Reid, D-Nev., agreed in August on the basic outlines of a cybersecurity debate, specifying that a total of 22 amendments could be offered for consideration.

The leaders still must reach a time agreement on the overall debate, a procedural step that has consistently foiled efforts to get the measure to the floor. That could involve a tricky effort to get senators on board for paring down the amendment list to a more manageable number.

But if the threat of a government shutdown goes away this week, the possibility of a thorough cybersecurity debate on the Senate floor, the first in three years, seems increasingly likely.

View the original content and more from this author here: http://ift.tt/1WsIhxi



from cyber security caucus http://ift.tt/1iVCbHH
via IFTTT

No comments:

Post a Comment