The cyberattack that crippled Sony has caused the U.S. government to explore controversial cybersecurity legislation.
The Cyber Intelligence Sharing and Protection Act (CISPA) was shut-down in 2013 by Congress. The bill would have granted permission for corporations to share individuals’ private data with the government legally, and without their consent.
According to Fight for the Future, the 2014 Cyber Information Sharing Act (CISA) is “more toxic” than CISPA.
“CISA stays in line with the original objective of the CISPA bill to strengthen and legitimize the NSA's surveillance programs. But this time the bill would allow for and encourage sweeping datamining taps on Internet users for the undefined purpose of domestic 'cybersecurity'. The NSA would be able to share this data with police and other law enforcement agencies for domestic 'cybersecurity' purposes - meaning these powers will be used against innocent citizens,” Fight for the Future writes.
The Electronic Privacy Information Center (EPIC) explains CISA as legislation that “allows companies to monitor private communications on their networks and to disclose user activity to the government. The bill would also exempt companies from liability for monitoring communications or disclosing user information.”
EPIC does state that CISA makes “some attempt to limit the collection of personally identifiable information.”
President Obama stressed the need for enhanced cybersecurity during his end-of-year press conference speech.
Obama has had a “cyber agency team look at everything we could do at the government level to prevent these kinds of attacks.”
“We have been correlating with the private sector but a lot more needs to be done,” Obama said.
Obama hopes Congress will work on “stronger cybersecurity laws that allow for information sharing across the private sector platforms as well as the public sector” in the new year.
The call for enhanced cybersecurity and legislation by Obama is what is causing some to believe CISA may become a reality.
“We must pass an information sharing bill as quickly as possible next year,” said Senate Intelligence Committee Chairman Dianne Feinstein (D-California).
Sen. John McCain (R-Arizona) also believes Congress should “finally pass long-overdue comprehensive cybersecurity legislation” due to the Sony hack.
McCain and Feinstein are not alone, as Rep. Jim Langevin (D-Rhode Island), co-chair of the House of Representatives cybersecurity caucus, supports passing cybersecurity legislation that promotes the sharing of information.
“The new Congress should act without delay to pass a comprehensive cybersecurity information sharing bill to allow the federal government to share what it knows about threats in cyberspace with the private sector, and vice versa,” Langevin said.
CISA was approved by the Senate Intelligence Committee earlier this year, and will receive a debate and full-vote by the Senate in 2015.
There has been no comment from Obama as to whether he will veto CISA, reports ZDNet.