This post appears courtesy of the Ferenstein Wire, a syndicated news service. Publishing partners may edit posts. For inquiries, please email author and publisher Gregory Ferenstein.
Congress tucked a sweeping surveillance bill into a late-night budget deal earlier this week. The controversial Cybersecurity Information Sharing Act has been given the green light by the White House, even though it was widely opposed by many top tech companies last October.
The latest version of the controversial CISA crammed into the spending bill reportedly removes key privacy protections, including a requirement that personal information unrelated to cybersecurity threats be “scrubbed” before it is shared.
The update of the bill inspired a tweet from Senator Ron Wyden:
Latest, worse version of CISA has no real privacy protections & would do little or nothing to prevent major hacks pic.twitter.com/nINErrHoLg
— Ron Wyden (@RonWyden) December 16, 2015
Still, given recent events in Paris and San Bernardino, the White House and intelligence officials argue that they need every resource at their disposal to prevent more terrorist attacks.
Who Will Watch The Watchers?
The actual impact on Silicon Valley itself is a mixed bag. The big worry is that broad surveillance powers undermines public trust in tech products.
“CISA is essentially the U.S. government invalidating every company’s privacy policy,” says Evan Greer of advocacy group Fight for the Future. “News about the U.S. government’s overly broad surveillance programs have already damaged the tech economy.”
Evan Engstrom of another tech industry advocacy group, Engine, worries that the bill will exacerbate tensions between Silicon Valley and the European Union, which recently struck down laws protecting US-based companies when sending sensitive personal information over the Atlantic (known as “Safe Harbor”).
“In light of the recent EU safe harbor issues that arose precisely because of legislation that gave the US government too much access to consumer data, CISA seems to just double down on these problems without any clear corresponding benefit,” says Engstrom.
On the other hand, companies do get some legal safeguards.
“Generally all of these information sharing bills offer broad legal immunity to all companies when they share data with the government in the event of a cyber attack,” explains Greer.
This particular provision may be behind the support from other industry groups (such as banking), but it still hasn’t inspired much support in Silicon Valley. It may be legal—but that doesn’t mean users will trust companies that hide behind that immunity.
The bill is expected to pass Congress and be signed by the President. We’ll have to wait and see what economic impacts follow.