House passes cybersecurity bill as privacy concerns linger
The House of Representatives go for the second round of Cyber Intelligence Sharing and Protection Act as it passed legislation on Thursday.
The newly granted powers are intended to stop computer security threats against a company’s rights and property. But the definitions are broad and vague. The terms allow purposes such as guarding against “improper” information modification and ensuring “timely” access to information, functions that are not necessarily tied to attacks.
Once handed over, the government is able to use this information for investigating crimes that are unrelated to the underlying security threat and, more broadly, for “national security” purposes, which is a poorly defined term that includes “threats to the United States, its people, property, or interests” and “any other matter bearing on United States national or homeland security.”
The bill’s vague definitions like “cybersecurity purpose” and “cybersecurity system” also raise the frightening possibility of a company using aggressive countermeasures. If a company wants to combat a threat, it is empowered to use “cybersecurity systems” to identify and obtain “cyber threat information.” But the bill does not define exactly how far a company can go, leaving it open to the possibility of abuse [...]