The most recent omnibus spending bill now includes the Cybersecurity Information Sharing Act of 2015. This bill provides broad protection to companies that share loosely defined "cybersecurity" information with government, even disallowing FOIA requests attempting to learn how much information was shared.
Whether or not you agree with CISA, it’s easy to dislike the process that is being used to shove this bill into law. The lack of scrutiny and guerrilla tactics create the appearance that this is just a thinly veiled effort to restore warrantless government surveillance over all forms of communication, including the Internet and social media. They’re using “cybersecurity” threat as a way to scare people into approving new huge programs to monitor communications. And it’s not likely to stop here. Officials are already complaining that encryption prevents government access to communications, and therefore companies should include a backdoor for government access.
“It’s clear now that this bill was never intended to prevent cyber attacks,” said Evan Greer, campaign director of Fight for the Future, in a statement. “It’s a disingenuous attempt to quietly expand the U.S. government’s surveillance programs, and it will inevitably lead to law enforcement agencies using the data they collect from companies through this program to investigate, prosecute, and incarcerate more people, deepening injustices in our society while failing to improve security.”
None of this is good for cybersecurity. And none of it will help with terrorism. All it will do is destroy privacy and build an expensive and powerful surveillance empire.