Politicians Cynically Using JP Morgan Hack To Try To Pass Laws To Diminish Your Privacy
from the you're-doing-it-wrong dept
So, as you probably heard last week, JP Morgan revealed more details of how it had been hacked, noting that the number of households impacted shot up to 76 million, thus impacting a pretty large percentage of Americans. The hack involved getting access to customer names, addresses, phone numbers and emails. It doesn’t appear to have gotten anything else, but that’s plenty of information to run some sophisticated phishing attacks that could lead to some serious problems. It’s expected that the fallout from this could be quite long lasting.
Almost immediately, politicians leapt into action… but not in any good way. They’re cynically using this as an excuse to push questionable cybersecurity legislation. Specifically, Senator Angus King used it to push CISA, a bill that actually undermines privacy, rather than protect it, by giving companies incentives to share info more freely, opening up greater opportunities for leaks and breaches. CISA gives those companies a blanket get-out-of-jail-free card by taking away any liability in sharing such info.
What no one explains is how something like CISA would actually have helped stop the JP Morgan hack. That’s because it wouldn’t have helped. Congressional supporters of cybersecurity legislation keep playing the “something must be done!” card, without ever bothering to explain how the something (CISA) will actually help. They just make vague promises that by somehow letting companies share info without liability, we’ll magically all be better protected. Given the recent revelations about how government has regularly abused access to information, it’s hard to accept the “just trust us” explanation for why companies should just hand over more information.
Even worse is that King went for the FUD-based “cyber Pearl Harbor” claim — one that’s been trotted out regularly, usually by intelligence community folks who just want access to your data, when the reality is that even James Clapper has admitted that there’s little real chance of such a thing happened. But that doesn’t stop King:
?Congress must work to pass legislation that will improve our capabilities and protect us against more attacks like these,? King added. ?The next Pearl Harbor will be cyber, and shame on us if we’re not prepared for it.?
Okay, sure. Shame on us if we’re not prepared, but how will this law help us prepare for it? This is a question that no one in Congress seems willing to answer. They just insist we have to “do something.”
King wasn’t the only one:
Sen. Ed Markey called the hack ?yet another example of how Americans? most sensitive personal information is in danger.?
“It is time to pass legislation to protect Americans against these massive data breaches,? he added.
Rep. Yvette Clarke tweeted that the U.S. ?must keep up on cybersecurity.?
Right, but again, how will the proposed law actually help? The problem is that no one answers because the truth is that it’s unlikely to actually help keep companies and your data secure, though it might just make it easier for the intelligence community to get their hands on your data.