Today, 21 cyberlaw and/or cybersecurity professors and researchers joined a letter calling for the Senate to reject the Cybersecurity Information Sharing Act ("CISA"). Endorsing the concerns raised in an April 2015 technologists' letter, the signatories identify the fundamental problem with CISA, namely, that it will achieve little to address the real cybersecurity challenges facing US industry. Moreover, the letter points out three primary CISA downsides, specifically, that it will
- "Allow 'voluntary' sharing of heretofore private information with the government, allowing secret and ad hoc privacy intrusions in place of meaningful consideration of the privacy concerns of all Americans. The Freedom of Information Act would be neutralized, while a cornucopia of federal agencies could have access to the public’s heretofore private-held information with little fear that such sharing would ever be known to those whose information was shared.
- "Allow companies to attack cybersecurity threats, without clear limitations on their power or scope.
- "Allow companies to do any and all of the above with little fear of facing legal consequences for poor judgment (or worse)."
As a classic "let's do something" law, the signatories urge the Senate to reject CISA. Questions or comments can be addressed to the letter's author, CIS Affiliate Scholar David S. Levine, at dsl2@princeton.edu.