“New” McCain Cybersecurity Bill Just as Bad on FOIA as Old Version

Last week Senator McCain and his fellow cosponsors of S. 2151, Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology Act (SECURE IT) announced the introduction of S.3342, a "retooled" version of the bill. Despite some changes to the bill that backers say is intended to address concerns with the earlier version, it still threatens privacy and civil liberties, and guts the public's right to information under the Freedom of Information Act (FOIA).

Both versions of SECURE IT create unnecessary, overbroad and unwise exemptions to the FOIA. Forty organizations joined OpenTheGovernment.org in protesting these provisions in S.2151. Perhaps most troublingly, under the heading "Technical Amendment" the bill creates a new FOIA exemption that gives the government the authority to withhold all information shared with or to a cybersecurity center. This “technical amendment” would be one of the most far-reaching substantive amendment of the Act’s exemptions since 1986, and it would be made without the benefit of any input from the public or Congressional committees that have expertise on the FOIA.

As we have said many times about a variety of cybersecurity proposals in the House and Senate, it is bad policy to promote private sector information-sharing about cybersecurity threats by cutting off all public access to any information that may be shared with the government. First, much of the sensitive information companies will likely share is already covered under FOIA (for example, exemption 1 covers properly classified national security information; exemption 4 covers trade secrets). Second, the public will need access to at least some of the information in order to make a knowledgeable assessment of whether or not the government responded appropriately to legitimate threats; without access to that information, the public cannot hold officials accountable for their actions.

We continue to urge Congress to drop provisions that undermine the transparency and accountability and move towards developing proposals that promotes transparency and public accountability while allowing the government to withhold only that information which truly requires protection.

Categories: Uncategorized