If At First You Don’t Succeed (at passing a cybersecurity intelligence sharing law), Try, Try Again.

UntitledBy Brennen Johnson

Lawmakers in the U.S. Senate just passed CISA (the “Cybersecurity Information Sharing Act”) on Tuesday, October 27. If the White House does not veto it, CISA will allow tech companies to share internet traffic information with the government without fear of liability for the disclosure of private or sensitive data. Not only would the law potentially allow companies to violate their own privacy statements with users, but also it would allow them to hide the fact that they are sharing information with the government.

So what is CISA, where did it come from, and why does it matter? This is not the first time that lawmakers have brought this type of information-sharing scheme before Congress. Back in 2011, lawmakers introduced CISPA (the “Cyber Intelligence Sharing and Protection Act”) in an attempt to help prevent cyber attacks. The basic premise behind the bill was that quickly sharing information about threats and vulnerabilities could help prevent attacks. The House of Representatives passed CISPA, but it failed in the Senate, due to a lack of confidentiality and civil liberties safeguards. The White House even proclaimed that it would veto the bill should it be passed. CISPA was reintroduced by the House in 2013, where it again failed to pass the Senate. Continue reading

China Poised to Tighten Grip on Cybersecurity with New Law

CyberSecurityBy Andrew H. Fuller

As Cybersecurity becomes a prominent global issue for nation states, governments consider options to curb their nation’s digital vulnerability. On July 6th, China, an undisputed major player on the global digital frontier, released the Cyber Security Law of the People’s Republic of China (“CSL”) for public comments. The CSL will, among other things, encourage education and training in cybersecurity related fields, establish new protections and rights for personal and sensitive data, and create government set standards for information technology hardware and software. Once adopted, the CSL will be the first Chinese law that exclusively focuses on cybersecurity. Continue reading