Renewed fears about cybersecurity on Capitol Hill and a new proposal on the matter from President Barack Obama could soon make life easier for government communications snoops who have found it increasingly difficult to scoop up private data without public backlash in recent years.
Obama on Tuesday said that the recent high profile cyberattack on Sony underscores the need for heightened U.S. cybersecurity regulations.
“With the Sony attack that took place, with the Twitter account that was hacked by Islamist jihadist sympathizers yesterday, it just goes to show how much more work we need to do — both public and private sector — to strengthen our cybersecurity,” the president told members of Congress.
Obama said that lawmakers should focus on crafting legislation to encourage more data sharing between private and government entities.
In other words, the Obama administration is teaming up with lawmakers to force through a renewed version of the much hated 2013 Cyber Intelligence Protection and Sharing Act, which many critics derided as a government/private sector information pipeline for data protected under the 4th Amendment.
Broad language in the original incarnation of CISPA granted private companies legal immunity for turning private communications data, including texts, emails and files, over to government snoops for “cybersecurity” purposes, effectively eliminating any private sector incentive to comply with U.S. privacy laws when faced with government information requests.
The White House publicly criticized the original CISPA legislation, a move some watchers now say stunk of political theater, based on how closely the administration’s new plan parallels the privacy damning original legislation.
“The status quo of overweening national security and law enforcement secrecy means that expanded information sharing poses a serious risk of transferring more personal information to intelligence and law enforcement agencies,” the Electronic Frontier Foundation said in a statement. “Given that the White House rightly criticized CISPA in 2013 for potentially facilitating the unnecessary transfer of personal information to the government or other private sector entities when sending cybersecurity threat data, we’re concerned that the Administration proposal will unintentionally legitimize the approach taken by these dangerous bills.”
Instead of hoping no one notices that it is walking back on promises to protect Americans’ private digital communications data by creating new ways for the government to access information, EFF argues that the administration should advocate strengthening existing information-sharing hubs and encouraging companies to use them more efficiently when a threat is detected.
The proposal given to lawmakers by the president also increase penalties in the Computer Fraud and Abuse Act for those charged with Internet crimes.
“[The plan] makes provisions for the prosecution of the sale of botnets, would criminalize the overseas sale of stolen US financial information like credit card and bank account numbers, would expand federal law enforcement authority to deter the sale of spyware used to stalk or commit ID theft, and would give courts the authority to shut down botnets engaged in distributed denial of service attacks and other criminal activity,” according to the White House.
EFF calls the expansion of those penalties troubling, citing “already excessive — and redundant — penalties for crimes performed with computers.”
In case you’re wondering how GOP congressional control will factor in to Obama’s attempts to push policies he once criticized, the original version of CISPA passed in the Republican-controlled House with overwhelming support from the right.
The GOP establishment hasn’t, after all, been shy about trumping privacy for the illusion on security in the past. And things are no different today.
In fact, Rep. Devin Nunes (R-Calif.), the new chairman of the House Intelligence Committee, is already working feverishly to undo weak surveillance reforms that passed through the House last year. He’s also urging lawmakers to reauthorize the government collection of Americans’ telephone records without question before the authority expires this summer.
“We don’t want to further encumber intelligence and law enforcement communities who already have a difficult task in tracking those who wish to attack Americans at home and abroad,” he told Bloomberg.