Ramblings of an old Doc

 

Privacy vs. security…that’s at the core of the newest effort to secure us and US corporations from the cyber criminals/spies/hackers. Supposedly it’s better than CISPA and CISA.

It protects your security by enabling corporations to share your data and the government as well.

“The Protecting Cyber Networks Act enables private companies to voluntarily share cyber threat indicators with one another and to voluntarily share these indicators with the federal government so long as it does not go through the NSA or the Department of Defense, all while providing strong protections for privacy and civil liberties.” – House Permanent Select Committee on Intelligence

Seriously? The NSA is out of the loop? Who the hell believes that? Why do I doubt the veracity of this? Maybe because of the fact that it even brags about its ability to wage cyber warfare. Also, it would seem that the NSA must be part of the loop in order to do its legitimate job.

    • Protects privacy by prohibiting the government from forcing private sector entities to provide information to the government. 
    • Requires companies to remove personal information before they share cyber threat indicators with the government. 
    • Requires the federal agency that receives cyber threat indicators to perform a second check to remove personal information before sharing the indicators with other relevant federal agencies. 
    • Strictly limits the private-to-private and private-to-government sharing to cyber threat indicators and defensive measures to combat a cyber threat. The legislation does not allow for the sharing of information for non-cyber purposes. 
    • Imposes strict restrictions on the use, retention, and searching of any data voluntarily shared by the private sector with the government. 
    • Only provides liability protections for companies that share in good faith. 
    • Enforces these strong privacy and civil liberties protections by permitting individuals to sue the federal government for intentional privacy violations in federal court. 
    • Provides for strong public and congressional oversight by requiring a detailed biennial Inspectors General (IG) report of appropriate federal entities of the government’s receipt, use, and dissemination of cyber threat indicators. The Privacy and Civil Liberties Oversight Board (PCLOB) must also submit a biennial report on the privacy and civil liberties impact of the Act. – ibid

So, if this is so benevolent, how come data shared under this act might well be immune from disclosure under FOIA and would create a new secret cyber-intelligence coordinating body through which all this info passes? Guess what? The government doesn’t see it like that. Surprise!

Of course, this body would be immune from hacking. We’re supposed to believe these clowns who can’t even isolate unclassified from classified systems?

What I really fear is that this bill would allow the use of this data with the Espionage Act and that would make it ripe for the abuse of things such as the surveillance of journalists and their sources. Already, we’ve seen the current administration go after journalists and whistle blowers (here, for example – never mind the usage of the IRS).

No, I’m sorry but I trust the government exactly zero…wait, that’s not true. I trust the government to screw up and to try to put space between my rights and me.

The problem? It’ll probably pass the Senate – and that will be the real end of the only group which can keep the government in any sort of check: The press.


Comments (Page 2)
2 Pages1 2 
on Apr 29, 2015

ignore... delete...

on Apr 29, 2015

eviator

Vague? When a piece if malware is calling home to idareyoutotrustthisdomain.com, that is a rather specific indicator of compromise.

I was referring to how the gov't might use *public announcements* of current status of cyber security threats - not the actual functioning of the soft/firm/hard/ware.  The gov't announced all sorts of terror alerts - which did not actually reflect what was being done to successfully block terror attacks.

2 Pages1 2