Why Do Senators Keep Lying About What CISA Would Be Used For?
from the liar-liar dept
We keep asking if the politicians supporting CISA -- the "Cybersecurity Information Sharing Act" can explain just what security breaches it would have stopped -- and they can't. Because the answer is that it wouldn't have stopped any of them. And yet, the politicians pushing CISA never seem to waste an opportunity to pretend that each new big computer hack would have been stopped if only CISA had been in place. A few months ago it was the OPM hack and, now, apparently it's the T-Mobile/Experian hack.Both Senators Richard Burr and Dianne Feinstein (the two leading members of the Senate Intelligence Committee from each party) have been taking swings at anyone who won't support the bill, and have cited the T-Mobile customer breach as a reason to support it:
“If these special interest groups are successful in mischaracterizing this bill, which authorizes purely voluntary sharing, they will only succeed in allowing more personal information to be compromised to criminals and foreign countries.”Of course, the reason that the customer data was exposed has nothing to do with CISA, which would not have stopped that breach. It had to do with Experian screwing up their encryption. If Feinstein and Burr really wanted to encourage better cybersecurity, they'd be encouraging greater encryption.
The Intelligence panel leaders urged action on the bill following a breach that might have exposed private data for 15 million current and prospective T-Mobile customers.
And they're not being truthful in the rest of their statement. As far as I've seen, most of the people opposing CISA are happy to admit that it's about "voluntary" sharing of information -- but they note that by taking away all liability from companies for sharing info, companies have greatly decreased incentives to protect user privacy.
And, also, all of this totally leaves out the real reason behind CISA. As was revealed this past summer, the NSA uses "cybersignatures" as selectors in searching through all of the upstream (backbone) traffic that it sniffs. Given that, what the NSA is really looking for are more "cybersignatures" in order to be able to sniff out many more things.
And guess what CISA would do? That's right, create incentives for companies to give "cybersignatures" to the NSA.
This is almost certainly why Senator Ron Wyden made it clear that CISA is a surveillance bill in disguise, because it would play right into the hands of the NSA, by giving it a way to snoop on even more communications after convincing companies to hand over "cybersignatures" that it can then use to sniff through everyone's internet traffic.
Yes, CISA is "voluntary." But it's totally about surveillance, not cybersecurity, and nothing in CISA would have prevented the T-Mobile hack or the OPM hack or any other hack. For Feinstein and Burr to suggest otherwise is totally disingenuous fluff, designed to mislead the American public and to support the NSA.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cisa, cybersecurity, cybersignatures, dianne feinstein, nsa, richard burr, ron wyden, surveillance, t-mobile hack
Companies: experian, t-mobile
Reader Comments
Subscribe: RSS
View by: Time | Thread
just keep the money rolling...
[ link to this | view in thread ]
What's Going on With Feeds
[ link to this | view in thread ]
You're not getting why..
The grand chessboard
http://www.amazon.com/gp/product/0465027261
The Grand Chessboard: American Primacy And Its Geostrategic Imperatives
http://www.amazon.com/review/R2NVX3KKHJONPW/ref=cm_cr_dp_title?ie=UTF8&ASIN=046502726 1&channel=detail-glance&nodeID=283155&store=books
The (mass surveillance) by the NSA and abuse by law enforcement is just more part and parcel of state suppression of dissent against corporate interests. They're worried that the more people are going to wake up and corporate centers like the US and canada may be among those who also awaken. See this vid with Zbigniew Brzezinski, former United States National Security Advisor.
https://youtu.be/Ttv6n7PFniY?t=11
Brezinski at a press conference
https://www.youtube.com/watch?v=0kmUS--QCYY
More on spying and why you should be concerned:
https://www.reddit.com/r/changemyview/comments/1fv4r6/i_believe_the_government_should_be_a llowed_to/cd89cqr
The real news:
http://therealnews.com/t2/
http://www.amazon.com/Democracy-Incorporated-Managed-Inverted-Totalit arianism/dp/069114589X/
http://www.amazon.com/Shadow-Government-Surveillance-Security-Single-Superpow er/dp/1608463656/
http://www.amazon.com/National-Security-Government-Michael-Glennon/dp/0190206446/
[ link to this | view in thread ]
Dianne Feinstein is responsible.
If only she had pushed legislation to hold corporations responsible for failing to secure private information, none of this would have happened.
[ link to this | view in thread ]
What will the EU think?
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
Voluntary
[ link to this | view in thread ]
The other big lie
This is ignoring the other big lie with CISA: if the purpose is "voluntary data sharing", then the legislation is totally unnecessary: there is nothing preventing companies from voluntarily sharing this data right now, unless it's prohibited by a EULA or somesuch (in which case, the companies can just alter those terms).
No legislation is required.
Of course, the purpose is not voluntary data sharing. That's just the lie.
[ link to this | view in thread ]
Re: You're not getting why..
WATCH IT!
https://www.youtube.com/watch?v=Q5y-ok3l27k
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: What will the EU think?
I guess by muscle-flexing you mean the safe-harbor thing?
That wasn't the EU trying to change something or flex its muscles. They just had to admit that the agreement violates current law. The whole thing got started by one citizen and not some MEP or politician. So that was more of an Oops! moment than a show of force.
[ link to this | view in thread ]
scum of the worst kind is a politician willing to say and do anything for a payoff.
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
See the science on reasoning and the brain:
https://www.youtube.com/watch?v=PYmi0DLzBdQ
[ link to this | view in thread ]
Re: Re:
I get the attraction of a headstrong and vain rebel, but are you really going to vote for Trump?
[ link to this | view in thread ]
John Galt
nuke your servers and lawyer up, Lavabit style.
Ayn Rand : "stop the motor of the system"
[ link to this | view in thread ]
re: Senators
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
If you dropped "with anything dealing with privacy" then your statement would be no less accurate.
[ link to this | view in thread ]