Question To Ask Anyone Who Supports CISA: What Breach Would It Have Stopped?

from the simple-questions dept

We've asked this before and no one answered. But with the faux "cybersecurity" CISA bill back on track for another vote, it's time to ask the question again: Can defenders of CISA explain what data breach it would have stopped? This is important, because many of the defenders of CISA keep pointing to things like the OPM hack as an example of why we need "cybersecurity regulations." Just yesterday, Senator John McCain used various recent high profile hacks as proof of why we need such a bill:
The chairman of the joint chiefs of staff is uncomfortable about the cyberthreats to this nation -- which just took place where millions -- MILLIONS! -- of Americans had their privacy hacked into. God only knows what the consequences of that are. And the other side has decided to object to proceeding with a bill that passed through the Intelligence Committee by a vote of 14 to 1. This is disgraceful.
But as policy counsel at the Open Technology Institute, Robyn Greene, recently noted on Twitter, none of the recent hacks would have been stopped if CISA was law.
It seems like a fairly important question, especially when politicians are pointing to those and similar hacks or data breaches as examples of why we must pass CISA. Yet they can't explain how the law would have stopped those breaches (because they can't, because it wouldn't have).

John McCain wants to talk about "disgraceful"? Isn't it more disgraceful to point to an attack that this bill would not have helped with as a key argument for why this bill needs to pass?

This is some pretty serious hand-waving on the part of the politicians. Of course, the truth is that they simply don't understand the details enough to know what they're doing. They just hear from surveillance/law enforcement types saying that we "need cybersecurity legislation" and then they hear about these breaches and they immediately connect the two. Yet, they don't know what the law really does or why it's needed, and certainly don't understand how breaches happen or what it would take to prevent them (if that were even possible). So they just say "well, cybersecurity!" as if that's good enough.

It's not.

The changes brought about by CISA could have a pretty serious impact on our privacy and security and if Congress is going to pass it by pointing to these breaches, they should first be required to explain how the law would have helped to stop any of those breaches. We'll wait.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: breach, cisa, cybersecurity, hack, john mccain


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 5 Aug 2015 @ 9:34am

    Cyber is a scary word

    Cyber crime, cyber attacks, cyber warfare, cyber security are all scary things. What really scares me is Cyberdyne!

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 5 Aug 2015 @ 9:36am

    All this data collection is not intended to stop crime, but rather enable them to discover who did what after the event, and call for more intrusive powers because they did not stop the crime.

    link to this | view in thread ]

  3. icon
    Berenerd (profile), 5 Aug 2015 @ 9:43am

    Re:

    Agreed. And they will only catch the little fish. Those that truly want to do sinister things know how not to hack a bank across state lines so they wont get caught by the FBI.

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 5 Aug 2015 @ 10:01am

    they clearly didn't stop to ask anybody if this would actually do anything. This is just a privacy killing WE HAVE TO DO SOMETHIN! WAVES HANDS* bill.

    link to this | view in thread ]

  5. identicon
    Baron von Robber, 5 Aug 2015 @ 10:09am

    Pass-A-Law Bingo!

    For the Children!
    Child Porn!
    Another 9/11!
    Prevent Hacks!
    Copyright Theft!
    Stimulate the Economy!
    True Americans!
    Freedom (in the center)!
    Safety!
    Security!

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 5 Aug 2015 @ 10:24am

    were where these arguments when whistle blowers like snowden but not limited too, revealed the massive breach of privacy and security our own governments were inflicting upon us...........on the scale of things, these seem like a drop in the ocean

    I am suspect of true intentions

    link to this | view in thread ]

  7. identicon
    Anonymous Coward, 5 Aug 2015 @ 10:43am

    Then ask...

    ...how would this bill stop future breaches.

    link to this | view in thread ]

  8. icon
    techflaws (profile), 5 Aug 2015 @ 11:20am

    which just took place where millions -- MILLIONS! -- of Americans had their privacy hacked into.

    As opposed to the privacy hacked into by the NSA?

    link to this | view in thread ]

  9. icon
    Wothe (profile), 5 Aug 2015 @ 2:21pm

    Yet Another Risk

    When the Feds sneak in and steal all your data -- it all goes to the largest hacker target in existence.
    A real personal security breach hazard.

    link to this | view in thread ]

  10. identicon
    Hans Sherbert, 5 Aug 2015 @ 3:20pm

    So much for the "moral hight ground."

    Who thinks China was responsible for the breach?  Why would you believe our gov't.?  I say it was Russia.  NSA can't bear to admit it because Mr. Snowden being over there is such a humiliation.  They're obsessed with him & how can it be that Russia won't turn him over.  Snowden Snowden Snowden.  Yet NSA seems to blind to its own feckless amorality.

    We've been hegemonic a-holes around on the other side of the globe, State Dept. & CIA fomenting rubblizing wars.  Stirred up shit in Ukraine & blamed Russia for it.  Used a "training exercise" to fool some low-level rocket-launch guy into thinking the Dutch airliner was the enemy so he'd blow it up, then pointed the finger of blame at the evil Russkies.  What ever became of the plane's black box again?

    The OPM family jewels have been "exfiltrated."  But keep pokin' that bear.  Go ahead, tweak Putin's nose again & see what happens.

    Will anything be learned?  We had more to lose than anyone else & we lost it.  Thought we were too clever.  Don't look now but they've got our balls in a jar.

    link to this | view in thread ]

  11. identicon
    Anonymous Coward, 5 Aug 2015 @ 6:20pm

    "if Congress is going to pass it by pointing to these breaches, they should .."

    There is problem #1. You are a peasant. There is no 'should' for humanoids of your type. Your program is faulty. Report for re-programming (you may have heard of this being called 're-education' - that just proves (as if it were needed, ha!) how out of date your software version is). Do it immediately.

    link to this | view in thread ]

  12. icon
    Spaceman Spiff (profile), 5 Aug 2015 @ 6:42pm

    We'll wait.

    Just don't hold your breath!

    link to this | view in thread ]

  13. icon
    Ninja (profile), 7 Aug 2015 @ 4:23am

    Re: We'll wait.

    And live a few hundred years maybe?

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.