Many of the cybersecurity proposals circulating on Capitol Hill could open a back door to vast government surveillance, analysts at the Center for Democracy and Technology said on Wednesday.
Both the House and Senate are considering multiple bills that address a range of cybersecurity issues, including giving federal officials more oversight over some private networks and increasing information-sharing between government and businesses.
It’s that increase in shared information that has civil-liberties advocates worried.
“We don’t want cybersecurity to become a backdoor wiretap,” center senior counsel Greg Nojeim told reporters on Wednesday.
Several of the bills, especially one sponsored by House Intelligence Chairman Mike Rogers, R-Mich., would allow “almost unlimited” types of information to be shared with government agencies, vastly expanding the government ‘s role in monitoring communications, Nojeim said.
He cited efforts by lawmakers and National Security Agency officials to give the massive spy agency a greater role in domestic cybersecurity efforts.
“In this town, information is power and the NSA wants more of it,” Nojeim said. Under some congressional proposals, information collected for cybersecurity programs could be used by law enforcement for other, unrelated criminal or national security purposes, he said.
Officials say that an increasingly connected world means hackers can target more and more businesses and government agencies, from banks and water systems to police and defense organizations.
Last week, Rogers announced more cosponsors for his bill and argued that Congress and industry recognize an urgent need for the legislation.
“This consistent and extensive cyberlooting results in huge losses of valuable intellectual property, sensitive information, and American jobs,” Rogers said in a statement on March 29.
In the House, half a dozen bills are aimed at a variety of issues from information-sharing and research and development to critical infrastructure. Many of those bills are scheduled to be considered during the week of April 23.
The Senate has two cybersecurity bills headed for a showdown on the floor as soon as the first week in May. The Cybersecurity Act of 2012, backed by the White House and top Senate Democrats, would provide Homeland Security officials with more authority to oversee the cybersecurity of certain “critical infrastructure,” such as power grids. The SECURE IT Act, on the other hand, is sponsored by Republicans, who say that the Cybersecurity Act includes too much government regulation.
Unfortunately, Nojeim argued, many of the cybersecurity proposals are extremely broad and undermine existing legal protections.
“The cybersecurity provisions trump all laws, they trump privacy laws, they trump antitrust laws, they trump all laws without exception,” he said.