The House passed two cybersecurity "information sharing" bills today: the House Permanent Select Committee on Intelligence's Protecting Cyber Networks Act, and the House Homeland Security Committee's National Cybersecurity Protection Advancement Act. Both bills will be "conferenced" to create one bill and then sent to the Senate for advancement. EFF opposed both bills and has been urging users to tell Congress to vote against them.
The bills are not cybersecurity "information sharing" bills, but surveillance bills in disguise. Like other bills we’ve opposed during the last five years, they authorize more private sector spying under new legal immunity provisions and use vague definitions that aren’t carefully limited to protect privacy. The bills further facilitate companies’ sharing even more of our personal information with the NSA and some even allow companies to "hack back" against potentially innocent users.
As we've noted before, information sharing is not a silver bullet to stopping security failures. Companies can already share the necessary technical information to stop threats via Information Sharing and Analysis Centers (ISACs), public reports, private communications, and the DHS's Enhanced Cybersecurity Services.
While we are disappointed in the House, we look forward to the fight in the Senate where equally dangerous bills, like the Senate Select Committee on Intelligence's Cybersecurity Information Sharing Act, have failed to pass every year since 2010.
Contact your Senator now to oppose the Senate bills.