A group of technology companies is voicing its displeasure with a new cybersecurity bill making its way through congress.
The Computer & Communications Industry Association (CCIA), which counts Sprint and T-Mobile among its members, is asking that the Cybersecurity Information Sharing Act (CISA) be altered before moving forward.
The CISA aims to improve sharing of information on cyber threats between companies, and allows companies to share customer information with the government without being in violation of existing privacy regulations.
In a statement on its website, CCIA said it does not support the CISA in its current form, as it could be a threat to user privacy and could have unintended consequences for third-party entities.
“CCIA is unable to support CISA as it is currently written. CISA’s prescribed mechanism for sharing of cyber threat information does not sufficiently protect users’ privacy or appropriately limit the permissible uses of information shared with the government,” read the statement. In addition, the bill authorizes entities to employ network defense measures that might cause collateral harm to the systems of innocent third parties.”
CCIA says it recognizes the need for more efficient information sharing around cyber threats but argues that such a system should not come at the expense of the privacy of end users, and likewise should not endanger the integrity of the infrastructure it aims to protect.
The CISA has bi-partisan support in congress and an endorsement from the President, but the CCIA includes a breadth of technology companies, including big name web portals like Google, Yahoo and Facebook.
While T-Mobile’s membership with the CCIA assumes it is against the bill, a report from The Guardian notes that Experian, which recently suffered a hack revealing troves of information on people who had applied for credit with T-mobile, has come out in favor of the legislation.
“Experian supports legislation that would facilitate greater sharing of cyber threat information among appropriate private and government entities,” the company said in a statement. “Congress has the responsibility to balance the need for facilitating greater information sharing, and thereby enhancing cybersecurity, with important consumer privacy concerns.”
The Senate is slated to hold a vote on the bill later this month.
Filed Under: Cybersecurity, Industry regulations + certifications