Oracle part of companies accused of betrayal over alleged support of CISA
A number of organisations have started publicly lobbying US Congress to take action over cybersecurity legislation, with Oracle, Microsoft, Apple and others accused of being on the wrong side of history when its comes to surveillance and users’ privacy.
Java-custodians Oracle, together with Microsoft, Apple, Adobe, IBM and a collection of other notable companies have signed an open letter urging American Congress to engage in “urgent action” on cyber threat information sharing legislation, earning accusations from activist group Fight for the Future that the companies have “betrayed millions of people”.
The battle for privacy
Fight for the Future believes the open letter advocates direct support of the controversial Cybersecurity Information Sharing Act (CISA), which is currently being observed in Congress. A vote is expected to be held once the latest amendments to the bill have been discussed, however as InfoWorld reports time is running out for Senators.
CISA is being plugged as an information-sharing bill, yet its vague definitions, broad legal immunity, and new spying powers allow for a tremendous amount of unnecessary damage to users’ privacy according to the Electronic Frontier Foundation:
The amendments, like the original language of the bill, fail to address key issues like the deep link between these government “cybersecurity” authorities and surveillance, as well as the new spying powers the bill would grant to companies. But “cybersecurity” is already intimately tied to surveillance – a problem CISA would only worsen.
Another open letter, this time directed to the CEO of Salesforce and Heroku Marc Benioff, has been penned by Fight for the Future CTO Jeff Lyon in response to their backing of the lobbying push together with Oracle and co. The group are calling for developers to boycott their services and move to platforms “that don’t endorse government surveillance of their customers”.
The activist group state that passing of the CISA is merely a knee-jerk reaction to the recent Office of Personnel Management hacking scandal that saw 21 million people’s personal information stolen.
New America’s Open Technology Institute sent the Senate a coalition letter in April 2015 signed by civil society organisations, security experts, and academics opposing the bill, citing its failure to provide both strong privacy protections and adequate clarity about actions taken, information shared, and how information is used by the government.
The letter outlines the following determinations afforded by the legislation:
- Authorises sharing of vaguely defined “cyber threat indicators” without adequate privacy protections prior to sharing;
- Permits companies to share cyber threat indicators, which may include information about innocent individuals, directly with the NSA;
- Requires that federal entities automatically disseminate to the NSA all cyber threat indicators they receive, including personal information about individuals;
- Authorises overbroad law enforcement uses that go far outside the scope of cybersecurity; and
- Authorises companies to deploy dangerous countermeasures, euphemistically called “defensive measures,” that could damage data and computer systems of innocent third parties who did not perpetrate the threat.
Aside from lobbying against the bill, Fight for the Future has also been involved in a fax campaign involving several phone lines being programmed to convert emails and tweets into faxes. Faxes are then individually sent to all 100 Senators in opposition to the legislation. The fax campaign is still ongoing on Twitter under the hashtag #faxbigbrother.