The Sony hack attack has reinvigorated support for privacy-busting CISPA-style cybersecurity legislation that was previously considered dead, prompting calls to make the issue a top priority in 2015.
With the White House declaring the hack to be a “national security issue” yesterday, numerous prominent lawmakers jumped on the issue to push a “zombie” cybersecurity bill – the Cybersecurity Information Sharing Act – which failed to make the Senate floor in July.
White House Economic Council Director Jeff Zients said the Sony hack would require ongoing “executive” action by the President in order to protect “federal government assets,” with Zients stressing the need “to take this to the next level (with) legislation.”
Senate Intelligence Committee Chairman Dianne Feinstein echoed Zients, asserting, “We must pass an information sharing bill as quickly as possible next year.”
Republican Sen. John McCain also called on Congress to “finally pass long-overdue comprehensive cybersecurity legislation” in light of the Sony hack, a sentiment mimicked by Rep. Jim Langevin (D-R.I), co-chair of the House cybersecurity caucus, who stated, “The new Congress should act without delay to pass a comprehensive cybersecurity information sharing bill to allow the federal government to share what it knows about threats in cyberspace with the private sector, and vice versa.”
Rep. Michael McCaul (R-Tex.) and Sen. Lindsey Graham (R-S.C.) also called on cybersecurity legislation to be the top priority in January, while President Obama himself told ABC’s David Muir on Wednesday, “Congress also needs to take up cybersecurity legislation that’s been languishing for several years now.”
Following former White House Chief of Staff Rahm Emanuel’s advice to “never let a serious crisis go to waste,” the Obama administration and lawmakers like McCain and Graham are now breathlessly exploiting the Sony hack to reanimate legislation that bears significant resemblance to the widely loathed CISPA bill that failed to pass the Senate in 2012.
According to the Electronic Privacy Information Center, the Cybersecurity Information Sharing Act of 2014, “Allows companies to monitor private communications on their networks and to disclose user activity to the government. The bill would also exempt companies from liability for monitoring communications or disclosing user information.”
The ACLU’s Sandra Fulton also warns that the bill “Gives the government extraordinary powers to silence potential whistleblowers, and exempts these dangerous new powers from transparency laws.” The legislation would allow the government to approach companies directly for user information without the need to obtain a warrant.
The White House has blamed North Korea for the Sony hack attack although, as Wired notes, the evidence for this assertion is flimsy at best.
Similar calls for draconian cybersecurity legislation, as well as measures that would give the White House Chinese-style web censorship powers, were heard in the aftermath of the Stuxnet virus outbreak in 2010. Despite Alex Jones being labeled a “conspiracy theorist” at the time for fingering the United States as being behind the virus, that premise was confirmed in 2012.
It was also subsequently revealed that the U.S. was responsible for creating the Flame virus that targeted Iranian nuclear facilities. Just as with the Sony hack, in both cases, foreign powers were initially blamed for creating viruses which were actually created by the U.S. and Israel.
The fact that the Obama administration is pushing for increased cybersecurity powers while concurrentlymeeting with the czar of China’s infamous web censorship program should also be a major cause for concern.