Dozens of the America’s biggest tech companies are criticising a proposed US cybersecurity bill that they fear does not offer privacy adequate protections to their users.
As The Washington Post reports, the Cybersecurity Information Sharing Act (CISA) has bipartisan backing and is due to be voted on next week — but is prompting significant opposition from the tech industry. Apple and Dropbox are the latest to challenge the proposed legislation, and join a chorus of voices including Google, Twitter, Yelp, Reddit, Wikipedia, and HP.
In a statement, Apple said: “We don’t support the current CISA proposal … The trust of our customers means everything to us and we don’t believe security should come at the expense of their privacy.”
So what exactly is CISA? It’s intended to help facilitate the sharing of companies’ data with the US government in order to prevent and tackle crime. If passed, a US citizen wouldn’t be able to sue Google, say, using privacy/antitrust laws for passing on their data to US law enforcement. It also provides immunity from the Freedom of Information Act, making it difficult to someone to find out exactly what information (if any) has been shared with the government.
Dropbox’s policy head Amber Cottle said that “while it’s important for the public and private sector to share relevant data about emerging threats … that type of collaboration should not come at the expense of users’ privacy.”
Ron Wyden, a “champion of the free and open internet” and Democratic senator, is among CISA’s opponents. “Sharing information about cyberscurity threats is a worthy goal,” he said. “Yet if you share more information without strong privacy protections, millions of Americans will say, ‘That is not a cybersecurity bill. It is a surveillance bill.'”
Wyden also warned that the bill could make citizens’ data vulnerable to hacking, according to The Guardian. “There is a saying now in the cybersecurity field … if you can’t protect it, don’t collect it. If more personal consumer information flows to the government without strong protections, my view is that’s going to be a prime target for hackers.”
Privacy advocates have been aggressively campaigning against CISA. When CCIA, an industry body whose members include Amazon, Google, Microsoft, Facebook came out against the bill, it was hailed by activists. “Members of Congress should pay attention: nobody wants this bill. Not the public, not security experts, and not even the industry it’s supposed to protect,” said Evan Greer, campaign director for campaigning group Fight For The Future. “The safety of Internet users personal information is more fragile than ever, if Congress decides to make matters worse, everyone will know it was the result of ignorance and corruption.”
According to Fight For The Future, companies opposing CISA include Twitter, Yelp, Salesforce, Wikipedia, Apple, Reddit, Dropbox, Mozilla, Yahoo, Adobe, Amazon, Dell, Ebay, Google, Microsoft, Netflix, and Oracle.