Yesterday TNW brought you the news that the Secure IT Act, one of the leading cybersecurity bills in the US Senate, had been revamped to, in theory, address the concerns of privacy advocates and consumer groups. TNW was skeptical that the changes would settle those issues.
Essentially, the changes to the bill made clearer how collected information could be used, but did not change how the data could be sent to the US government. Or, in plainer language, the changes did not change the Act’s core provision of sharing private consumer data with federal agencies, but simply amended how that data might be employed.
Prominent voices are calling foul. It’s hard to think that the bill’s backers didn’t expect this. Whatever the case, the following is a condensed version of what the ACLU told The Hill: ‘The bill remains flawed at its core, and the changes are peripheral.’ Or, more bluntly: the changes aren’t nearly enough.
So long as the intelligence agencies, and even branches of the military, can collect private data from citizens, the bill is a nonstarter for many. As you will recall, similar charges were leveled against the Cyber Intelligence Sharing and Protection Act (CISPA), which passed the House.
Also in The Hill’s report on the response to the bills’ changes is a quote from the Center for Democracy and Technology, which called the adaptations “only modest improvements.” The Center noted that the bill yet has ample room to improve.
To have to deal with this issue yet again is almost asinine. The White House promised to veto CISPA, which is quite similar in a number of important ways to the Secure IT Act. Also, the White House and Senate majority party are demanding mandates for critical infrastructure be part of any cybersecurity bill. The House majority is vehemently opposed to such regulation.
So, a bill in the Senate, that can’t pass the Senate, has been adapted in a way that doesn’t address its core flaws. Even if it did pass the Senate, it’s likely dead on the President’s desk. Thus Congress makes ‘progress.’
The only compromise that I can see, and this is a huge stretch, is if the Lieberman-Collins bill in the Senate manages to induct incentives for critical infrastructure safety instead of formal mandates, and at the same time manages to head off the most onerous of data-sharing propositions that have so many fretting. Such a hybrid might have a shot in both houses and the White House. But don’t hold your breath.
Top Image Credit: Andrew Malone