updated 11:59 pm EDT, Thu July 19, 2012
Public outcry pushes legislators to rethink act
The US Senate is reportedly set to consider a new cybersecurity bill (PDF) that will replace the Lieberman-Collins Cybersecurity Act, which was blasted by privacy advocates. The Electronic Frontier Foundation, a vocal critic of the original act, suggests legislators have responded to many of the "most glaring privacy concerns," though the advocacy group still maintains that such laws are unnecessary.
The fresh draft moves the responsibility of managing cybersecurity systens from the National Security Agency into the hands of civilian agencies, while prohibiting data from being shared with law enforcement except in specific circumstances. Data collected for computer crime will not be available to prosecute unrelated violations, such as copyright infringement or immigration status.
"Language in the first Lieberman-Collins Cybersecurity Act would have allowed data collected under cybersecurity purposes to be passed to law enforcement if there was evidence of criminal activity," the EFF wrote in a blog post. "This raised major concerns about our online service providers snooping through our communications for potentially incriminating data and passing it to the government without a warrant--a digital Big Brother."
Despite the tweaks, the bill still provides broad authorization for companies that want to monitor user data or block security countermeasures. The EFF praises the Senators who listened to the original complaints, however the group calls for further amendments to add another level of privacy protection.
"We've argued that this language is overly broad and could be interpreted by an overzealous ISP to let them block privacy-protective technologies like Tor," the EFF added. "When the bill goes to the floor next week, we're going to be throwing our weight behind amendments to address these ongoing flaws."