Will new laws give federal cybercops too much power?
Critics say the bills are about surveillance not security
By Russell Brandom on April 28, 2015 10:30 am
Last year, a single strain of malware was responsible for credit card breaches at Target, Home Depot, and more than 1,000 other US companies, with damages totalling hundreds of millions, if not billions of dollars. In many cases, the companies involved didn't know about the threat until it had been alive in their systems for months. For many industry observers, the most painful point is the timing: If the industry had raised the alarm when the first warning signs surfaced, the worst of the damage could have been averted.
That idea seems to have gotten Washington's attention. In February, President Obama signed an executive order to promote information sharing on cyberthreats, and a new crop of information-sharing bills in Congress look to clear the path even further. Last week, the House of Representatives passed the Protecting Cyber Networks Act, which would establish new sharing guidelines and liability protections, and the Senate is expected to take up the bill in the coming weeks. At the same time, many see PCNA and other bills like it as an unprecedented intrusion into otherwise neutral networks — what Ron Wyden described as "a surveillance bill by another name." While most researchers still see themselves as engineers, there's a growing fear that these new measures will turn them into detectives.
""A surveillance bill by another name""