Looks like small technology companies and privacy groups are not the only opponents of the Cyber Intelligence Sharing and Protection Act (CISPA) which, as I analyzed last week, contains numerous nagging privacy issues. According to The Verge, the White House has responded to a petition on its website, also noting its issues with the current language of the bill.
Specifically, the White House recommends that the bill add the following principal provisions:
- It’s important that any information shared under a new cybersecurity law must be limited to what’s relevant and necessary for cybersecurity purposes. That also means minimizing information that can be used to identify specific individuals. For example, if a utility company is looking for government assistance to respond to a cyber attack, it is unlikely that it needs to share the personal information of its customers, like contact information or energy-use history, with the government.
- Cybersecurity legislation needs to preserve the traditional roles for civilian and intelligence agencies that we all understand. Specifically, if legislation authorizes new information sharing between the private sector and the government, then that new information should enter the government through a civilian department rather than an intelligence agency. That doesn’t mean breaking the existing mechanisms that already work. For example, victims of cyber crime ought to continue to report those violations to federal law enforcement agencies and public-private information-sharing relationships that already exist should be preserved.
- Any new legislation ought to provide legal clarity for companies that follow the rules and appropriately share data with the government. But it should not provide broad immunity for businesses and organizations that act in ways likely to cause damage to third parties or result in the unwarranted disclosure of personal information.
It is good to see that CISPA may be vetoed unless some serious changes are made to those nagging privacy issues. I will update on any development.
Enter your email to get started.