Senate Passes CISA: Robbie's Round-Up (10/26-30)

You’re reading the Benton Foundation’s Weekly Round-up, a recap of the biggest (or most overlooked) telecommunications stories of the week. The round-up is delivered via e-mail each Friday; to get your own copy, subscribe at www.benton.org/user/register

The Senate Passes CISA
Robbie's Round-Up (October 26-30, 2015)

Senate Passes CISA
On October 28, the Senate passed the Cybersecurity Information Sharing Act (CISA, S. 754) by a vote of 74 to 21.

CISA is designed to stem the rising tide of corporate data breaches by allowing companies to share cybersecurity threat data with the Department of Homeland Security (which could then pass it on to other agencies like the Federal Bureau of Investigation and the National Security Agency). In theory, these federal agencies would use the information to defend the targeted companies and others facing similar attacks.

The Senate rejected amendments from Sens Ron Wyden (D-OR), Dean Heller (R-NV), Pat Leahy (D-VT), and Al Franken (D-MN) that would have:

  • Required companies to remove personal information before sharing data with the government
  • Removed restrictions on Freedom of Information requests for data shared under the program
  • Tightened the definition of "threat indicators" to include only information necessary to describe actual harm (not “potential harm,” as in the original bill) caused by an incident

CISA supporters argue that the government could better help private companies secure their systems if it has more information about the threats they face. But critics have warned that the bill, combined with the surveillance programs revealed by former NSA contractor Edward Snowden, could give intelligence agencies more leeway to collect "upstream data" from the Internet backbone. Apple, Reddit, Twitter, the Business Software Alliance, the Computer and Communications Industry Association, and other tech firms have all publicly opposed the bill. And many civil liberties groups campaigned aggressively against the legislation. For example, a coalition of 55 civil liberties groups and security experts all signed onto an open letter opposing the bill in April.

Why Does This Matter?
The passage of CISA in the Senate marks an important moment in the larger national conversation about balancing security with privacy rights. The effects of CISA, if enacted, will be far-reaching, as all Internet users are at risk of having information unrelated to cybersecurity threats shared with the NSA and FBI without a warrant.

The four year process of getting CISA passed also serves as an example of the difficulty in passing cybersecurity legislation that keeps pace with the growing sophistication of computer attackers, often state-sponsored. As David Sanger and Nicole Perlroth wrote in the New York Times, the lesson is that “cyberthreats move at digital speeds and Congress moves at, well, congressional speed.”

The bill is a step toward increasing security and surveillance, and away from protecting individual privacy online. This legislation may help deter future cyberthreats and increase online security, but at a cost to online privacy, a necessary component for democratic engagement.

What’s Next:
CISA must now be reconciled with legislation passed earlier in 2015 by the House. CISA co-sponsor Sen Richard Burr (R-NC) said the work will “move at a very slow pace” because of the number of technical differences and the House leadership change-up. Sen Burr added that the result will mean the final version won’t be ready until January at the earliest.

The White House expressed qualified support for the legislation on Oct 22, indicating that it would work to make improvements to the bill. President Barack Obama is not expected to veto the bill.

European Parliament Adopts Network Neutrality Regulations -- With Controversial Loopholes
The European Parliament voted in favor of new regulations which proponents say establish an Internet "without discrimination." But advocates for net neutrality say the laws contain a number of loopholes which could lead to the creation of tiered Internet service.

Why Does This Matter?
World Wide Web creator Sir Tim Berners-Lee reacted to the move saying:
“When I designed the World Wide Web, I built it as an open platform to foster collaboration and innovation. The Web evolved into a powerful and ubiquitous platform because I was able to build it on an open network that treated all packets of information equally. This principle of net neutrality has kept the Internet a free and open space since its inception...If adopted as currently written, these rules will threaten innovation, free speech and privacy, and compromise Europe’s ability to lead in the digital economy. To underpin continued economic growth and social progress, Europeans deserve the same strong net neutrality protections similar to those recently secured in the United States.”

For more information about the decision and the implications, see ars technica’s, “Why Europe’s net neutrality plan is more controversial than US rules” and Barbara van Schewick’s article, “Europe Is About to Adopt Bad Net Neutrality Rules. Here’s How to Fix Them”

What’s Next:
Now that the legislation has been approved by the European Parliament, the Body of European Regulators (BEREC) has nine months to pass on guidelines to individual nations.

Congressional Hearings
This week saw numerous Congressional hearings concerning FCC decisions and future communications policy.

On Oct 27, the House Communications Subcommittee held a hearing “Common Carrier Regulation of the Internet: Investment Impacts” to discuss the impact of the FCC’s net neutrality rules on consumers, jobs, and investment.

On Oct 28, FCC Commissioner Jessica Rosenworcel appeared before the Senate Commerce Committee for a reconfirmation hearing. Democratic Senators on the committee urged swift confirmation, but it won’t happen for at least two weeks, as Committee Chairman John Thune (R-SD) kept the record open so Commissioner Rosenworcel could respond to written questions. She is not expected to have any trouble securing that confirmation vote in either the Senate Commerce Committee or full Senate.

Also on Oct 28, the House Communications Subcommittee held a hearing, “Breaking Down Barriers to Broadband Infrastructure Deployment,” to consider the myriad of legislative proposals to remove barriers to broadband infrastructure deployment. These proposals include:

  • Streamlining rights-of-way permitting and making it easier for getting access to federal land and utility polls;
  • "Dig Once" policies that take advantage of existing roadwork to deploy fiber conduit; and
  • Examining the bureaucracy that impedes private sector investment in broadband.

Quick Bits

Weekend Reads (resist tl;dr)

Events Calendar for the Week of Nov 2-6, 2015
Nov 5 -- New America Foundation event “Ranking Digital Rights” on the Ranking Digital Rights Corporate Accountability Index which, starting on November 3rd, rankingdigitalrights.org will feature interactive visualizations of the data as well as analyses of company performance.

ICYMI From Benton


By Robbie McBeath.