Feeds

NSA-friendly cyber-slurp law CISPA back on the table with new Senate bill

Unsurprisingly with spooks' full support

Secure remote control for conventional and virtual desktops

The Cyber Intelligence Sharing and Protection Act (CISPA), which allows private companies to share customer information with the NSA and others in the name of cybersecurity, is back on the legislative agenda.

Senator Dianne Feinstein (D-CA) today confirmed the draft law would be brought before the US Senate.

"I am working with Senator Saxby Chambliss (R-GA) on bipartisan legislation to facilitate the sharing of cyber related information among companies and with the government and to provide protection from liability," Senator Feinstein told Mother Jones in a statement. "The legislation will ... still maintain necessary privacy protections."

The outgoing head of the NSA and US Cyber Command General Keith Alexander is a strong supporter of CISPA. Earlier this month he told the Telecommunications Industry Association’s annual conference that the legislation was essential to protect the functioning of businesses by heading off online attacks, citing the vulnerability of Wall Street to outside hacking as an example.

CISPA has had a rocky legislative road so far. Originally introduced to the US House of Representatives back in 2011, the act was crafted to allow government departments to share intelligence about online threats with commercial companies. In exchange, those companies had the option of handing over either anonymized or identifiable information about their customers, with full legal immunity.

The initial bill was passed by the House but was shot down in the Senate by a Republican filibuster. Then it was reintroduced in February and passed by 288-127 votes. However, President Obama warned that he might veto the legislation as it stood, citing privacy concerns.

After NSA whistleblower Edward Snowden started leaking details about Uncle Sam's extensive communications surveillance operations, any further progress with the legislation was shelved – but now it appears Senator Feinstein feels the time is right to get it back in play. If the Senate passes the new law then the President will have to decide whether or not to exercise his veto.

The Senate version of CISPA is still being drafted, so the privacy protections (or lack thereof) that caused concern may yet be addressed. In the last round of politicking, companies including Google and Facebook spoke out in its favor, although back then no one knew that they were already passing information to the NSA under the PRISM project.

That said, there is a valid case for legislation that would allow greater information sharing between government and commerce about the latest computer security threats – currently there's no legal framework for doing so. Once the proposed legislation is published privacy advocates will be poring over it to determine if safeguards are strong enough to make the payoff of better security for all worthwhile. ®

Build a business case: developing custom apps

More from The Register

next story
Munich considers dumping Linux for ... GULP ... Windows!
Give a penguinista a hug, the Outlook's not good for open source's poster child
Yes, but what are your plans if a DRAGON attacks?
Local UK gov outs most ridiculous FoI requests...
Detroit losing MILLIONS because it buys CHEAP BATTERIES – report
Man at hardware store was right: name brands DO last longer
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Govt control? Hah! It's IMPOSSIBLE to have a successful command economy
Even Moore's Law can't help the architects of statism now
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
This'll end well: US govt says car-to-car jibber-jabber will SAVE lives
Department of Transportation starts cogs turning for another wireless comms standard
UK fuzz want PINCODES on ALL mobile phones
Met Police calls for mandatory passwords on all new mobes
New voting rules leave innocent Brits at risk of SPAM TSUNAMI
Read the paperwork very carefully - or fall victim to marketing shysters
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.