(202) 244-2990

Preservation of Privacy should be the Rule, not the Exception

By: Yolanda Rondon, Esq., ADC Staff Attorney CISA additional tweet

The American-Arab Anti-Discrimination Committee opposes the Cybersecurity Information Sharing Act of 2015 (CISA, S. 754). The manager’s amendment fails to provide for vital privacy protections. For the Senate to even take steps to accord CISA with civil rights and civil liberty principles, much change is needed.

Demand privacy protections from your Senator by phone  or email, and protest Tomorrow, October 22, 2015 at 6:30pm in Washington DC.

Senators must act to:

1. Remove automatic NSA access to personal information shared with a governmental entity: The Senate must remove automatic NSA access to personal identifiable information shared. Foremost, there are valid concerns that CISA is authorizing a one stop shop for monitoring of all United States citizens’ data through companies based on past activities of intelligence agencies under the PRISM program. CISA would increase the government’s access to and storage of threat data and personal information. Alarmingly, CISA also fails to provide for adequate privacy protections prior to sharing.

2. Strengthen Requirement for Companies to Remove Personally Identifiable Information: The Senate must enhance the front-end protections for communications content and personally identifiable information by requiring companies to remove sensitive and unnecessary information before sharing “cyber threat” information with the government. Due to the vagueness of how CISA defines the term “cyber threat indicator,” the information that is shared could include large masses of unnecessary and non-cyber threat related personal information, equating to monitoring of all information. Strengthening this requirement would lessen the vulnerability of misuse, abuse and mishandling by intelligence agencies and companies.

3. Include a Sunset Clause in CISA: CISA proposes overbroad authorizations for monitoring, information sharing, and deployment of defensive measures “notwithstanding any other provision of law;” and overly expansive liability protections. The Senate must require a sunset clause to compel review of these new sweeping authorities. Senators’ has a responsibility to its constituents to ensure there is a feasible legislative avenue to remedy efficacy and privacy impact in the future.

CISA raises such serious privacy and civil liberties concerns that CISA is not only openly opposed by a broad coalition of privacy and civil liberties groups, but even some of the largest technology companies including Apple, DropBox, Sales Force, Twitter, and Yelp. To assure that there is sufficient opportunity for privacy rights to be protected in CISA; Senators must Vote No on cloture for the manager’s amendment. Otherwise Senators are sacrificing the freedom of their constituents and all U.S. citizens without even discussion, consideration, and reflection on the monumental impact of their decision.

Demand privacy protections from your Senator by phone  or email, and protest Tomorrow, October 22, 2015 at 6:30pm in Washington DC.

Attachment