Slashdot Mirror
US Budget Bill Passes With CISA Surveillance Intact (npr.org)
An anonymous reader writes: Early on Friday, the U.S. Senate approved the 2,000 page 'omnibus' budget bill that allocated $1.15 trillion in government funding. Later in the day, President Obama signed it into law. Because the budget bill was so important, many other pieces of unrelated legislation were tacked onto it, including the Cybersecurity Information Sharing Act, a bill notable for giving the government increased internet surveillance powers. Civil rights activists and tech experts largely consider it a "privacy disaster," and several lawmakers voted against the budget bill solely for CISA's inclusion. Senator Ron Wyden (D-OR) said, "Unfortunately, this misguided cyber legislation does little to protect Americans' security, and a great deal more to threaten our privacy than the flawed Senate version. Americans demand real solutions that will protect them from foreign hackers, not knee-jerk responses that allow companies to fork over huge amounts of their customers' private data with only cursory review." Corporations in the U.S. will now have "legal immunity when sharing consumers' private data about hacks and digital breaches."
The full omnibus is available online (PDF). The CISA provisions start on page 1,728.
Completely unrelated laws "riding" on other bills... There should be a law against that.
I believe, if certain Slashdot posters are to be taken as the consensus, it's the Republicans and they want us to die.
Actually, I think they just don't actually give a shit any more.
"So long and thanks for all the fish."
I believe this bill was making it's way through the legislative process and then the Eric Snowden disclosure happened.
And? The concurrency of the two unrelated things is rather irrelevant. The Snowden disclosure happened because (A) The government was engaged in illegal activity, and (B) Snowden decided to be a whistleblower.
Which would have been a protected action, were he an employee, but instead head was a 1099 contractor, like all the Uber drivers.
How many high profile network break-ins have happened since then?
Lots. They're generally not announced to the public, unless they involve credit cards or medical records.
Juniper Networks just announced yesterday a major compromise.
No, they announced a software patch for a problem that could have been used to compromised the security of VPN communications, but there's no evidence that it was ever used to do so, and some evidence that the change was made to the system by the employee of a government agency to allow them to eavesdrop on VPN conversations.
OPM was hacked and information for 20Million current and former employees and their spouses and children were compromised.
The agency should not have been keeping records on their spouses and children, since they were not employees, but even so, the compromised information was mishandled by the OPM. This was not a demonstration of skill on the part of the people who penetrated the system, it was a demonstration of incompetence on the people who were tasked with ensuring the system could not be penetrated.
This legislation has been needed for years. It is about time congress passed it.
This legislation was never needed. It's only utility is for making information collection for government agencies an unfunded mandate that has to be paid for by the companies whose systems the information is transiting.
The purpose of doing this is to make the companies adding strong privacy features to their software, particularly mobile phone and tablet software, among others, responsible for, and punishable for not, revealing said information, on demand, and without warrant.
In other words, it's an attempt to force companies to include back doors, or face fines when demands for information simply can not be accomodated to the governments satisfaction, for technological and mathematical reasons.
BTW: You have your dates wrong: the Snowden disclosure occurred in 2013; the bill was first introduced to to the Senate Intelligence Committe over a hear later, in 2013, during the 113th congress.
It's a really asinine piece of legislation. Paul Ryan (R, WI) should be removed from office over this nasty piece of crap, let alone the way he got it shoved through.
Is privacy such an enemy of the state now that they have to push it through in the budget bill? Why is ramming this through such a high priority for the Senate? Privacy used to be a second class issue. It hurts to watch our interests be so blatantly ignored by our governing body.
I agree, which is why I strongly suggest that everyone interested in this take a minute to look at the omnibus vote records from the House and the one for the Senate. If your representatives voted different than you want, take a few minutes to reach out to them. A phone call, email, or even (gasp) a physical letter will let them know what you think.
"What do you despise? By this are you truly known." --Princess Irulan, Manual of Muad'Dib
/)
There are countless avenues within U.S. gov't that he could have followed
Really? Name one whistleblower who followed one of those "countless avenues" to any effect, while not having G-men systematically wreck their lives.
Thomas Drake and friends tried, and suffered for it.
Gosh, thanks. That must be why the other ships call me Meatfucker -- GCU Grey Area (Eccentric)
As some whose entire (fingerprints, history, and the information of my family and friends... they got it all) information is out in the wild from the OPM hack, and someone that had to deal with illegal government requests from Qwest (don't ever refuse if you know what's good for you), I'd like to point out how piss-poor OPM security measures were (it took years of threatening lawsuits just to get "on file" listed in place of SS on SBU forms that travel within and outside my agency) and how this will actually decrease the security of everyone.
The government has already proven they are incapable of securing anyone's information, and they have now opened the floodgates for everyone's information to be targeted.
That this was passed under such tenuous conditions should make it clear how nefarious this legislation is. The government has declared its own people enemies of the state.
Have you read the act?
Have you?
Try that first before equating the United States with Nazi Germany
I find it interesting when people invoke Godwin in a dismissive tone as if people are crazy for drawing comparisons. Nazi Germany was allowed to occur because of a whole series of events and defects in human character which really do have parallels everywhere.