There’s a piece of legislation going through Congress right now that digital rights activists and web organisations – Twitter TWTR +0.00%, Salesforce, Yelp, Reddit and Wikipedia to name a few – are railing against. It’s called the Cybersecurity Information Sharing Act, a bill that is, on the surface, trying to make it easier for governments and private organisations to share data deemed critical to fighting online crime. But opponents claim it’s solely designed to allow more government snooping on internet users.
Reports surfaced over the weekend alleging Facebook, rather than stand against it as other web companies were, was actually lobbying for CISA, according to unnamed sources speaking with the Fight for the Future campaign group. A petition was launched demanding Facebook FB +0.97% come clean.
Though the reports offered no direct source nor much clarifying information, they gained a lot of traction, with notable blog Boing Boing spreading the claims to a much wider audience. Then Edward Snowden chimed in, tweeting it was “shameful” Facebook would do such a thing.
— Edward Snowden (@Snowden) October 25, 2015
Facebook wasn’t happy about those claims. It outright denied any such lobbying. “We have not advocated publicly or privately for CISA,” a spokesperson said in an emailed statement sent to FORBES. The spokesperson wouldn’t say whether or not Facebook was against the bill or not.
Facebook is, however, part of the Computer & Communications Industry Association (CCIA), a lobbying group that has said it cannot support CISA as it’s currently written. “CISA’s prescribed mechanism for sharing of cyber threat information does not sufficiently protect users’ privacy or appropriately limit the permissible uses of information shared with the government,” the group said earlier this month.
The Electronic Frontier Foundation has labelled the bill fatally flawed. It says there are problems in CISA’s allowances for government agencies, including the NSA, and web companies to share data in “real-time” with limited safeguards against privacy intrusion. The EFF has also taken umbrage with the broad terminology, in particular the term “cybersecurity purpose”, defined in CISA as “protecting an information system or information that is stored on, processed by, or transiting an information system from a cybersecurity threat or security vulnerability”. The bill would allow firms and public bodies to monitor and take actions on systems, possibly those containing personal information of users, for that “cybersecurity purpose”.
Senator Ron Wyden has been vocal in his opposition to CISA too. He believes most companies already share enough threat data and that it’ll only make for more attractive targets for hackers. “The government can’t keep its own data safe. Giving more of your information to the government creates a huge new target for hackers,” Wyden said in a Medium post, which listed a large number of bodies standing against the legislation.
Despite all that opposition, CISA is still passing swiftly through Congress. Last week, the Senate advanced it, meaning that this week will see proposed amendments voted on, before a final vote. It’ll then move to a conference committee to iron out any differences between the House and Senate-approved versions of the bill, ahead of a decisive vote from both chambers.
It appears few on the Hill are listening to the protests.