Why Do Senators Keep Lying About What CISA Would Be Used For?

from the liar-liar dept

We keep asking if the politicians supporting CISA -- the "Cybersecurity Information Sharing Act" can explain just what security breaches it would have stopped -- and they can't. Because the answer is that it wouldn't have stopped any of them. And yet, the politicians pushing CISA never seem to waste an opportunity to pretend that each new big computer hack would have been stopped if only CISA had been in place. A few months ago it was the OPM hack and, now, apparently it's the T-Mobile/Experian hack.

Both Senators Richard Burr and Dianne Feinstein (the two leading members of the Senate Intelligence Committee from each party) have been taking swings at anyone who won't support the bill, and have cited the T-Mobile customer breach as a reason to support it:
“If these special interest groups are successful in mischaracterizing this bill, which authorizes purely voluntary sharing, they will only succeed in allowing more personal information to be compromised to criminals and foreign countries.”

The Intelligence panel leaders urged action on the bill following a breach that might have exposed private data for 15 million current and prospective T-Mobile customers.
Of course, the reason that the customer data was exposed has nothing to do with CISA, which would not have stopped that breach. It had to do with Experian screwing up their encryption. If Feinstein and Burr really wanted to encourage better cybersecurity, they'd be encouraging greater encryption.

And they're not being truthful in the rest of their statement. As far as I've seen, most of the people opposing CISA are happy to admit that it's about "voluntary" sharing of information -- but they note that by taking away all liability from companies for sharing info, companies have greatly decreased incentives to protect user privacy.

And, also, all of this totally leaves out the real reason behind CISA. As was revealed this past summer, the NSA uses "cybersignatures" as selectors in searching through all of the upstream (backbone) traffic that it sniffs. Given that, what the NSA is really looking for are more "cybersignatures" in order to be able to sniff out many more things.

And guess what CISA would do? That's right, create incentives for companies to give "cybersignatures" to the NSA.

This is almost certainly why Senator Ron Wyden made it clear that CISA is a surveillance bill in disguise, because it would play right into the hands of the NSA, by giving it a way to snoop on even more communications after convincing companies to hand over "cybersignatures" that it can then use to sniff through everyone's internet traffic.

Yes, CISA is "voluntary." But it's totally about surveillance, not cybersecurity, and nothing in CISA would have prevented the T-Mobile hack or the OPM hack or any other hack. For Feinstein and Burr to suggest otherwise is totally disingenuous fluff, designed to mislead the American public and to support the NSA.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cisa, cybersecurity, cybersignatures, dianne feinstein, nsa, richard burr, ron wyden, surveillance, t-mobile hack
Companies: experian, t-mobile


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 9 Oct 2015 @ 11:57am

    just keep the money rolling...

    and we will parrot anything our corporate masters tell us to!

    link to this | view in chronology ]

  • icon
    Pronounce (profile), 9 Oct 2015 @ 11:59am

    What's Going on With Feeds

    Your news articles aren't coming up in my RSS feed.

    link to this | view in chronology ]

  • identicon
    Bob, 9 Oct 2015 @ 12:00pm

    You're not getting why..

    .. they are going for total information awareness. The elite fear political awakening and want to lock down society so society doesn't change in ways they don't like. That's why they are passing bullshit IP laws and giving corporations immunity. This is all part of the project of american empire.

    The grand chessboard

    http://www.amazon.com/gp/product/0465027261

    The Grand Chessboard: American Primacy And Its Geostrategic Imperatives

    http://www.amazon.com/review/R2NVX3KKHJONPW/ref=cm_cr_dp_title?ie=UTF8&ASIN=046502726 1&channel=detail-glance&nodeID=283155&store=books

    The (mass surveillance) by the NSA and abuse by law enforcement is just more part and parcel of state suppression of dissent against corporate interests. They're worried that the more people are going to wake up and corporate centers like the US and canada may be among those who also awaken. See this vid with Zbigniew Brzezinski, former United States National Security Advisor.

    https://youtu.be/Ttv6n7PFniY?t=11

    Brezinski at a press conference

    https://www.youtube.com/watch?v=0kmUS--QCYY

    More on spying and why you should be concerned:

    https://www.reddit.com/r/changemyview/comments/1fv4r6/i_believe_the_government_should_be_a llowed_to/cd89cqr

    The real news:

    http://therealnews.com/t2/

    http://www.amazon.com/Democracy-Incorporated-Managed-Inverted-Totalit arianism/dp/069114589X/

    http://www.amazon.com/Shadow-Government-Surveillance-Security-Single-Superpow er/dp/1608463656/

    http://www.amazon.com/National-Security-Government-Michael-Glennon/dp/0190206446/

    link to this | view in chronology ]

  • icon
    Violynne (profile), 9 Oct 2015 @ 12:07pm

    In other news, the Wall Street Journal is reporting its user database was hacked.

    Dianne Feinstein is responsible.

    If only she had pushed legislation to hold corporations responsible for failing to secure private information, none of this would have happened.

    link to this | view in chronology ]

  • icon
    Talmyr (profile), 9 Oct 2015 @ 12:25pm

    What will the EU think?

    Somehow I can't see this working with the EU's renewed cyber-privacy muscle-flexing.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 9 Oct 2015 @ 5:25pm

      Re: What will the EU think?

      They don't really care. The problem is not that the NSA listens in the EU. If that were the case then the Germans wouldn't spy for them at the DE-CIX. The UK is even member in the Five Eyes club and has to share information.

      I guess by muscle-flexing you mean the safe-harbor thing?
      That wasn't the EU trying to change something or flex its muscles. They just had to admit that the agreement violates current law. The whole thing got started by one citizen and not some MEP or politician. So that was more of an Oops! moment than a show of force.

      link to this | view in chronology ]

  • identicon
    Glenn, 9 Oct 2015 @ 12:40pm

    Politicians lie because that's the only way they can get elected. ("How do you know a politician is lying? His/her lips are moving!")

    link to this | view in chronology ]

    • identicon
      Anonymous, 9 Oct 2015 @ 3:51pm

      Re:

      I prefer Satan over Antichrist. But Devil just makes Satan look like Beelzebub. No, I'm voting for Lucifer, thank you very much!

      link to this | view in chronology ]

      • icon
        Kal Zekdor (profile), 11 Oct 2015 @ 7:58pm

        Re: Re:

        No, I'm voting for Lucifer, thank you very much!

        I get the attraction of a headstrong and vain rebel, but are you really going to vote for Trump?

        link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Oct 2015 @ 1:14pm

    At night, is Feinstein put in a suitcase like those ventriloquist dolls?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Oct 2015 @ 1:49pm

    pretty obvious really, isn't it? they obviously think it's a better bet to back the various security forces, industries, corporations etc than doing what they were voted into office to do. and as for Feinstein, she should be removed completely from office at the first opportunity! she doesn't have the public in mind at all!

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Oct 2015 @ 2:01pm

    Voluntary

    Of course it's "voluntary". You can either voluntarily comply of suffer the consequences. Totally your choice.

    link to this | view in chronology ]

    • identicon
      Ladar Levison, 12 Oct 2015 @ 6:13am

      John Galt

      You can voluntary serve the system or
      nuke your servers and lawyer up, Lavabit style.

      Ayn Rand : "stop the motor of the system"

      link to this | view in chronology ]

  • icon
    John Fenderson (profile), 9 Oct 2015 @ 2:37pm

    The other big lie

    most of the people opposing CISA are happy to admit that it's about "voluntary" sharing of information -- but they note that by taking away all liability from companies for sharing info, companies have greatly decreased incentives to protect user privacy.


    This is ignoring the other big lie with CISA: if the purpose is "voluntary data sharing", then the legislation is totally unnecessary: there is nothing preventing companies from voluntarily sharing this data right now, unless it's prohibited by a EULA or somesuch (in which case, the companies can just alter those terms).

    No legislation is required.

    Of course, the purpose is not voluntary data sharing. That's just the lie.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 9 Oct 2015 @ 4:48pm

    The NSA has already driven a stake through the heart of tech America, this should help them finish the job on the rest of the greedy American corporate shills. There, and I didn't mention the name of that female senator who went "full retard" eons ago. The San Andreas fault is about the only thing that will stop ignorant Cali voters from re-electing her, but unfortunately that only covers part of southern Cali.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 10 Oct 2015 @ 12:39am

    They are paid mouthpieces for sale. They would spout pro Chinese propaganda if the price tag was high enough.

    scum of the worst kind is a politician willing to say and do anything for a payoff.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 10 Oct 2015 @ 6:34am

    They lie because they are politicians.

    link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 10 Oct 2015 @ 10:53am

    Perhaps we'd take them seriously if they could secure their own shit first. It really is beyond the pale for them to complain about needing more laws, when they can't even do basic security on their own systems.

    link to this | view in chronology ]

  • identicon
    J.R., 12 Oct 2015 @ 5:00pm

    re: Senators

    liars lie. Its what they do.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Oct 2015 @ 8:12am

    Dianne Feinstein should never be trusted with anything dealing with privacy. She has also proven time and time again she has no idea how the technology works that she is attempting to pass legislation upon. The Dolores Umbridge of the digital age.

    link to this | view in chronology ]

    • icon
      John Fenderson (profile), 14 Oct 2015 @ 7:36am

      Re:

      "Dianne Feinstein should never be trusted with anything dealing with privacy."

      If you dropped "with anything dealing with privacy" then your statement would be no less accurate.

      link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.