Feeds

NSA-friendly cyber-slurp law CISPA back on the table with new Senate bill

Unsurprisingly with spooks' full support

Security for virtualized datacentres

The Cyber Intelligence Sharing and Protection Act (CISPA), which allows private companies to share customer information with the NSA and others in the name of cybersecurity, is back on the legislative agenda.

Senator Dianne Feinstein (D-CA) today confirmed the draft law would be brought before the US Senate.

"I am working with Senator Saxby Chambliss (R-GA) on bipartisan legislation to facilitate the sharing of cyber related information among companies and with the government and to provide protection from liability," Senator Feinstein told Mother Jones in a statement. "The legislation will ... still maintain necessary privacy protections."

The outgoing head of the NSA and US Cyber Command General Keith Alexander is a strong supporter of CISPA. Earlier this month he told the Telecommunications Industry Association’s annual conference that the legislation was essential to protect the functioning of businesses by heading off online attacks, citing the vulnerability of Wall Street to outside hacking as an example.

CISPA has had a rocky legislative road so far. Originally introduced to the US House of Representatives back in 2011, the act was crafted to allow government departments to share intelligence about online threats with commercial companies. In exchange, those companies had the option of handing over either anonymized or identifiable information about their customers, with full legal immunity.

The initial bill was passed by the House but was shot down in the Senate by a Republican filibuster. Then it was reintroduced in February and passed by 288-127 votes. However, President Obama warned that he might veto the legislation as it stood, citing privacy concerns.

After NSA whistleblower Edward Snowden started leaking details about Uncle Sam's extensive communications surveillance operations, any further progress with the legislation was shelved – but now it appears Senator Feinstein feels the time is right to get it back in play. If the Senate passes the new law then the President will have to decide whether or not to exercise his veto.

The Senate version of CISPA is still being drafted, so the privacy protections (or lack thereof) that caused concern may yet be addressed. In the last round of politicking, companies including Google and Facebook spoke out in its favor, although back then no one knew that they were already passing information to the NSA under the PRISM project.

That said, there is a valid case for legislation that would allow greater information sharing between government and commerce about the latest computer security threats – currently there's no legal framework for doing so. Once the proposed legislation is published privacy advocates will be poring over it to determine if safeguards are strong enough to make the payoff of better security for all worthwhile. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Hey, Scots. Microsoft's Bing thinks you'll vote NO to independence
World's top Google-finding website calls it for the UK
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
OECD lashes out at tax avoiding globocorps' location-flipping antics
You hear that, Amazon, Google, Microsoft et al?
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.