Civil liberties advocates are calling on President Obama to take a stand against cybersecurity legislation they fear would further embolden the National Security Agency.
In a letter on Tuesday, the American Civil Liberties Union, Electronic Frontier Foundation, Access and more than 30 other organizations, tech companies and individuals said President Obama should promise to block any legislation that sacrifices privacy for cybersecurity.“Legislation that focuses exclusively on facilitation of information sharing, such as CISPA [the Cyber Intelligence Sharing and Protection Act] and CISA [the Cybersecurity Information Sharing Act], jeopardizes the foundation of cybersecurity by improperly pitting human rights against security,” the groups wrote.
“We urge you to pledge to veto CISA and all future legislation that takes a similar approach.”
CISA, which passed the Senate Intelligence Committee on a 12-3 vote last week, would allow private companies and government agencies to share information about potential hacker threats, which supporters say is critical to protecting computer systems on Wall Street, at retailers and across the globe.
But the legislation would not require that companies seek out and remove people’s personal information like names or Social Security numbers before sharing data, critics say. Plus, it would allow information to be shuttled automatically to agencies like the NSA and make it difficult for people to sue if their information is poorly handled.
Privacy advocates have called the bill, which supporters hope will be taken up by the full Senate this month, the “zombie” twin of CISPA, which passed the House in April 2013.
At the time, Obama threatened to veto CISPA over privacy concerns, and he issued similar threats over a 2012 bill that also passed the House.
All that was before leaks from Edward Snowden made the NSA a household name, and critics have hoped the recent revelations would make lawmakers and the public more wary of the agency.
“Because CISA does not remedy any of the failures the Administration previously identified in CISPA and because it fails to adequately protect all users, we request that you promptly pledge to veto this dangerous legislation,” the advocates wrote in Tuesday’s letter.
Instead, they urge lawmakers to focus on a “comprehensive approach” to cybersecurity that gives an incentive for companies to remove online vulnerabilities, puts a civilian agency in charge and protects people’s privacy.