Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Fwd, time sensitive: Technologists sign on letter re CISA bill, info sharing

Rich Kulawiec rsk at gsp.org
Sun Apr 12 04:30:21 PDT 2015


This came in via Dave Farber's excellent "IP" mailing list.  The attached
PDF (which I hope makes it through) is the letter that Jennifer's
referring to.  Note that tonight at 8 PM EDT is the deadline if you
intend to sign onto this -- see instructions in the message below.

---rsk

----- Forwarded message from Dave Farber <dave at farber.net> -----

> Date: Thu, 9 Apr 2015 14:05:30 -0400
> From: Dave Farber <dave at farber.net>
> To: ip <ip at listbox.com>
> Subject: [IP] Technologists sign on letter re CISA bill, info sharing
> 
> ---------- Forwarded message ----------
> From: "Jennifer Granick" <jennifer at granick.com>
> Date: Apr 9, 2015 2:01 PM
> Subject: Technologists sign on letter re CISA bill, info sharing
> To: "Dave Farber" <dave at farber.net>
> Cc:
> 
> Dave,
> 
> In case you think people on IP may be interested...
> 
> Tl;dr: This is a solicitation for security experts and technologists to
> sign a letter to Congress opposing purported info sharing bills that
> actually waive privacy laws and enable more surveillance. Thanks for any
> help you can give.
> 
> 
> 
> Hello,
> 
> As you may know, there are three cybersecurity information sharing bills
> pending before Congress right now. These bills would weaken privacy laws
> and enable surveillance at a time when we need stronger privacy
> protections. These are surveillance bills, not security bills.
> 
> Every one of the bills is an end run around privacy laws in the name of
> improving security information sharing with the Department of Homeland
> Security (DHS). The bills define "cyber threat indicators" in a confusing
> manner that could include server logs, the contents of emails, damage
> estimates, and more. This kind of private data is not what is generally
> needed to secure systems. Nevertheless, the bills say that private entities
> will be immune from liability for sharing this information  with DHS (and
> other parts of government) "notwithstanding" any privacy laws.
> 
> Surveillance reform advocates are trying to stop these bills. There is a
> lot of support in Congress and from the White House. So, to succeed, we
> need your help and we need it now. We expect the bills to come to a vote
> mid-April.
> 
> As a security expert, would you be willing to sign a letter helping to
> educate Congress about what kind of information experts actually share to
> further cybersecurity and secure systems from future attack? By helping
> Congress understand what information is useful in security, we can stop a
> bill that would needlessly waive privacy.
> 
> Please let me know if you can sign on by no later than 8pm ET Sunday, April
> 12. Email to jennifer at law.stanford.edu your name, title and affiliation.
> We plan to use your titles and affiliations for information purposes only,
> not to indicate that your employer is also signing the letter. For example,
> my signature would be Jennifer Stisa Granick, Director of Civil Liberties,
> Stanford Center for Internet and Society* and the asterick text would say
> "*Titles and affiliations are for information purposes only." If you want
> to sign but don't want to include your title or affiliation, or don't have
> one, please indicate so, and we will respect your wishes.
> 
> My plan is to circulate the letter to the sponsors of the bills and to the
> rest of Congress on Monday, April 13.
> 
> Please feel free to email me or set up a call with me if you have any
> questions about the bills or the letter.
> 
> Once again, I can be reached at jennifer at law.stanford.edu
> 
> Finally, please do forward this request to anyone you think might be
> knowledgeable about security information sharing, and interested in sighing
> the letter.
> 
> For more information on these laws, you can read here:
> 
> Jennifer Granick - The Right Way to Share Information and Improve
> Cybersecurity:
> http://justsecurity.org/21498/share-information-improve-cybersecurity/
> 
> OTI VERSION 2.0 OF THE SENATE INTELLIGENCE COMMITTEE'S CYBER INFORMATION
> SHARING ACT IS CYBER-SURVEILLANCE, NOT CYBERSECURITY:
> http://www.newamerica.org/oti/version-20-of-the-senate-intelligence-committees-cyber-information-sharing-act-is-cyber-surveillance-not-cybersecurity/
> 
> CDT Analysis of Cybersecurity Information Sharing Act of 2014:
> https://cdt.org/insight/analysis-of-feinstein-chambliss-cybersecurity-information-sharing-act-of-2014/
> 
> 
> 
> Thank you for your time, attention, and assistance in this important matter.
> 
> 




More information about the liberationtech mailing list