Privacy concerns about a proposed bill in the Senate that would allow online entities to share confidential consumer information were acknowledged in a letter to Sen. Al Franken (D-Minn.) from Department of Homeland Security (DHS) on Tuesday.
In July, Franken asked DHS a series of questions about how provisions in the Cybersecurity Information Sharing Act (CISA) would affect the confidentiality of Americans’ sensitive information, as language of the bill prohibits individuals from being able to sue the organization(s) which release the data.
In a response letter to Sen. Franken, DHS deputy secretary Alejandro Mayorkas admitted that CISA “could sweep away important privacy protections” and “raises privacy and civil liberties concerns.”
CISA encourages companies holding private user data to share the information with government agencies (namely the Director of National Intelligence, DHS, Department of Defense, Department of Justice) for “cybersecurity purposes”, and exempts them from future regulatory laws.
“The transparency requirement is so narrow that, if you met the requirements within the bill to get protection, it would give (participating companies) broad range to collect data and then send it to the government,” said a spokesman for the online consumer advocacy group Access Now.
Credit reporting agency Experian is lobbying for the passage of CISA. A spokeswoman for the company said in a statement that “such sharing arrangements . . . could improve our mutual efforts to better detect and respond to emerging cyber threats.”
CISA is due for a floor vote on Thursday, and Senate majority leader McConnell said the bill could pass as early as “this week.”
Two other legislative efforts, recommended by the Federal Trade Commission, both which protect individuals from unauthorized use of their personal information by “data brokers”, are currently being held up in their respective committees.
Editor’s note: consideration of the bill has been delayed until September.
[The Guardian] [RT America] [Washington Post]