CCIA Urges Senate to Improve Cybersecurity Information Sharing Act

BY CCIA Staff
October 15, 2015

Washington — The Cybersecurity Information Sharing Act (CISA) (S. 754) is again due for consideration in the Senate in the coming weeks.  The bill primarily aims to facilitate the timely sharing of cyber threat indicators between and among the private sector and government, with the goal of improving overall domestic Internet and infrastructure security.  The Computer & Communications Industry Association fully supports that goal.

However, CCIA is unable to support CISA as it is currently written. CISA’s prescribed mechanism for sharing of cyber threat information does not sufficiently protect users’ privacy or appropriately limit the permissible uses of information shared with the government.  In addition, the bill authorizes entities to employ network defense measures that might cause collateral harm to the systems of innocent third parties.

It is important to note that while appropriately constructed cybersecurity information sharing legislation can provide a more efficient regime for the voluntary sharing of appropriately limited information between the private sector and government, it is not the only means through which information sharing can occur.  Current legal authorities permit companies to share cyber threat indicators with the government where necessary to protect their rights and the rights of their users, and should not be discounted as useful existing mechanisms.

Still, CCIA recognizes the goal of seeking to develop a more robust system through which the government and private sector can readily share data about emerging threats.  But such a system should not come at the expense of users’ privacy, need not be used for purposes unrelated to cybersecurity, and must not enable activities that might actively destabilize the infrastructure the bill aims to protect.

CCIA looks forward to working with Congress to improve CISA and other related cybersecurity information sharing bills, with the hope that a limited and efficient voluntary information sharing regime, with robust privacy protections and use restrictions, will result.

Related Articles

CCIA Supports House Amendment to Protect Americans’ Browsing Data from Warrantless Collection

May 26, 2020

Washington — The House is expected to vote this week on a bipartisan amendment to H.R. 6172, the “USA FREEDOM Reauthorization Act of 2020.” The amendment, brought by Representatives Lofgren (D-CA) and Davidson (R-OH), would protect Americans’ private internet browsing and search data from warrantless collection under Section 215 of the USA PATRIOT Act. A…

Senate Advances USA FREEDOM Reauthorization Act with New Surveillance Reforms

May 14, 2020

Washington — The Senate has voted to reauthorize expired authorities allowing federal government surveillance of Americans with additional reforms to legislation that the House previously passed. The Computer & Communications Industry Association has fought the unreasonable expansion of government surveillance for more than a decade. The following can be attributed to CCIA President Matt Schruers:…

CCIA, 4 Associations Send Letter Warning Of Encryption, Safety Risks Of New Bill

Mar 5, 2020

Washington — The Computer & Communications Industry Association sent a letter signed by 4 other associations warning Congress of the collateral dangers of altering the law that gives internet companies legal certainty to remove nefarious content. Under current law companies are granted liability protections which enable them to remove offensive content. Now several Senators are…