CybersecurityNSA revelations raise doubts about passage of cybersecurity legislation

Published 2 July 2013

U.S. officials say the revelations about the National Security Agency’s(NSA) domestic surveillance programs could make it harder for lawmakers to pass a cybersecurity bill. Critics of the House cybersecurity bill, known as the Cyber Intelligence Sharing and Protection Act (CISPA), which was passed earlier this year (it is still being debated in the Senate), argued the bill could lead to private information falling into the hands of the NSA.

U.S. officials say the revelations about the National Security Agency’s(NSA) domestic surveillance programs could make it harder for lawmakers to pass a cybersecurity bill.

The Hillnotes that civil liberties advocates have fought against the House cybersecurity bill, known as the Cyber Intelligence Sharing and Protection Act (CISPA), which was passed earlier this year, because they believed the bill could lead to private information falling into the hands of the NSA.

CISPA removes legal barriers that keep companies from sharing information with each other on cyberattacks, and allows companies to share that information with the government. Supporters of the act say it is essential to fight hackers attempting to steal sensitive information.

Before CISPA was approved, the House passed a series of amendments to improve the bill’s privacy protections, including one which limits the NSA’s access to information.

Now that it has come out that the NSA has been collecting metadata  on  phone calls and monitoring certain Internet activity, analysts say it will be harder for any cybersecurity legislation to pass.

“I think that the recent disclosures about the NSA’s conduct have put back the [cybersecurity] debate and they’ve changed it,” Greg Nojeim, a senior counsel with the Center for Democracy and Technology, said at a panel discussion hosted by theHill last week. “They’ve made it harder to pass cybersecurity legislation that has an information-sharing component.”

Nojeim says that in any future cybersecurity legislation, federal agencies would exploit vague language to access private data.

“It highlights the need for really robust privacy safeguards,” Sharon Franklin, a senior counsel with the Constitution Project, told the panel. “If nothing else, we’ve seen that the government will interpret its surveillance authorities aggressively and push to the bounds — and perhaps beyond the bounds —  of what the text of the law appears to permit.”

Representative Mike Pompeo (R-Kansas), who supports CISPA, agrees that the NSA issue is likely to come up in any discussion on cybersecurity legislation.

“I think it’d be foolish to say this discussion didn’t cause everyone to lump these together,” Pompeo told the panel, but added that they’re a “discrete set of issues.”

Civil liberties groups believe CISPA’s language is vague and unclear and the protections that have been added are not strong enough to protect private online information.

The White House does not support CISPA and has threatened to veto the bill.