White House Criticizes CISPA, Though Meekly And For Partially Wrong Reasons
from the still,-it's-something dept
With next week's vote on CISPA looming, the White House has made an official statement that implicitly criticizes the bill without mentioning it by name. The Hill reports that National Security Council spokeswoman Caitlin Hayden issued the statement after a cybersecurity briefing in Congress:
"The nation’s critical infrastructure cyber vulnerabilities will not be addressed by information sharing alone," Hayden said.
"Also, while information sharing legislation is an essential component of comprehensive legislation to address critical infrastructure risks, information sharing provisions must include robust safeguards to preserve the privacy and civil liberties of our citizens. Legislation without new authorities to address our nation’s critical infrastructure vulnerabilities, or legislation that would sacrifice the privacy of our citizens in the name of security, will not meet our nation's urgent needs," she said, without explicitly mentioning CISPA.
While it's very good to hear them to make privacy concerns a central point, the administration's reasons for this position are not entirely the same as the citizens and civil liberties groups who oppose CISPA. The White House endorses the Lieberman-Collins bill in the Senate, which does indeed include better privacy protections (including an all-important requirement to anonymize shared data whenever possible), but also grants the federal government broad new regulatory powers relating to cybersecurity and critical infrastructure. This is in stark contrast to CISPA, which explicitly forbids regulatory usage. The White House wants to be able to start creating rules for "critical infrastructure" providers, which is undoubtedly the number one reason they support the Lieberman-Collins bill—but granting them that power is opening up a whole different can of worms. Nevertheless, though not an explicit or especially strong condemnation, this statement from the White House still adds significant weight to the growing CISPA opposition. The fact that the bill they are backing has its own problems really just points to the bigger and more important question: is there really any need to rush to create new cybersecurity legislation.