Why the CISA amendment further erodes our right to privacy

Increasingly, governments are becoming the enemies of data protection

US Senate

A much-debated amendment to the 'Cybersecurity Information Sharing Act' (CISA) is splitting US authorities and the country's technology giants.

Last night the amendment passed through the first stages of a US Senate voteby 83 to 14, and if it passes a full Senate vote next week it will allow US courts to pursue foreign nationals accused of cybercrimes, even if they were perpetrated against other foreign citizens.

Advertisement - Article continues below

In other words, it considerably lowers the barriers for prosecuting cybercrime committed abroad, and means the US could prosecute anyone who steals data from anyone or any entity, regardless of where that crime occurs or whether a US entity is involved.

Extradition treaties mean that those accused of such crimes could then be brought back to the US to stand trial and face possible jail time.

For many people, including politicians from both sides of the house and a broad sweep of the business community, the amendment is a positive, strengthening IT security.

Within the technology sector, however, the likes of Apple, Dropbox, Facebook, Google, Twitter and the Wikimedia Foundation have revolted against it, citing privacy concerns.

Not all tech companies are convinced that the amendment to CISA will actually improve security and many are concerned about the privacy implications it poses.

Advertisement
Advertisement - Article continues below

Here's the thing - while the internet means we all live in an ever-shrinking world, that does not translate into expanding the scope of national law enforcement and justice. Different countries have widely varying views on what is and isn't suitable punishment to fit a given crime.

Advertisement - Article continues below

This is why it's important to put this US attempt at becoming the world's cyberpolice and cybercourts into perspective: should a German national living in France who hacks the credit card of an Italian citizen be subject to the laws of the US and face prison time there? Most people, I suspect, would think not. People should be prosecuted for their crimes, but the justice they face should be home-grown and not outsourced to another country.

The message from the dissenting tech giants is clear - the sharing of threat data is important but should not be at the expense of users' privacy. The mantra for all companies should be if you can't protect it, don't collect it'.

However, proposed legislation such as CISA in the US and the Snooper's Charter here in the UK move the protection goalposts somewhat. You have to ask yourself the question of who companies be protecting our data from. It's increasingly clear that it's not just the cybercriminals, but governments as well who want our data.

Advertisement - Article continues below

Ironically, given the IT security record of government agencies in the US over the last couple of years, once that information has been passed to them it's probably at greater risk of being hacked.

When it comes to privacy there is little room for much confusion or doubt. This part of the CISA bill should worry anyone: "Cyber threat indicators and defensive measures provided to the Federal Government under this Act shall be deemed voluntarily shared information and exempt from disclosure".

Yep, the Freedom of Information Act would not give anyone the right to know what data had been disclosed or by whom. Few corporates will actually take on 'the powers that be' when push comes to shove, which means that ultimately we can trust nobody but ourselves to protect our data from the grip of government surveillance.

At the end of the day my trust in both government and big business is already at a low, but this bill just drops it further down.

I am always being told whenever I rally against such moves as this that done nothing wrong, nothing to fear'. Well, I prefer to think in terms of done nothing wrong, deserve the right to a little privacy'...

Featured Resources

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Remote working 2020: Advantages and challenges

Discover how to overcome remote working challenges

Download now

Keep your data available with snapshot technology

Synology’s solution to your data protection problem

Download now

After the lockdown - reinventing the way your business works

Your guide to ensuring business continuity, no matter the crisis

Download now
Advertisement
Advertisement

Recommended

Fitness Depot notifies customers of data breach
data breaches

Fitness Depot notifies customers of data breach

8 Jun 2020
ICO to relax GDPR enforcement during coronavirus economic downturn
General Data Protection Regulation (GDPR)

ICO to relax GDPR enforcement during coronavirus economic downturn

16 Apr 2020
The NHS teams up with Apple and Google on coronavirus tracking app
privacy

The NHS teams up with Apple and Google on coronavirus tracking app

14 Apr 2020
Health sites are 'unlawfully' sharing medical data with Facebook and Google
data protection

Health sites are 'unlawfully' sharing medical data with Facebook and Google

7 Apr 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
How do I fix the Windows 10 Start Menu if it's frozen?
operating systems

How do I fix the Windows 10 Start Menu if it's frozen?

3 Aug 2020