Openness groups oppose Cybersecurity bill; urge passage of Leahy and Franken amendments

WASHINGTON, October 23, 2015 – Today, 27 open government, civil liberties, and privacy groups sent a letter to the Senate to express opposition to the Cybersecurity Information Sharing Act (“CISA”), and to urge the passage the proposed amendments from Senator Leahy and Senator Franken. Both are essential to ensure that the bill does not sweep away important privacy protections and civil liberties, increase the difficulty and complexity of information sharing, and threaten the integrity of the FOIA.


The letter emphasizes the high priority of our community to protect the Judiciary Committee’s exclusive jurisdiction over FOIA, and emphasizes that new exemptions should be enacted only after full and fair consideration by the Committee, through proceedings that are open to the public. Allowing the new exemption to be included in the underlying bill sets a dangerous precedent for the future of FOIA. The Leahy Amendment (No. 2587) would strike the new “b(3) exemption” from the bill, protecting the integrity of the FOIA framework in the process.


Moreover, the new FOIA language could result in serious unintended consequences, given the overly broad definitions that currently exist in CISA relating to cyber threat indicators and defense measures. In their current form, the definitions in CISA for “cybersecurity threat,” and “cyber threat indicator,” are concerning because they are unnecessarily broad. Technology and civil liberties groups have highlighted that CISA’s current definition for cybersecurity threat is vague and problematic: it includes some vague categories related to potential harms and “other attributes” that could lead to companies sharing unnecessary or inactionable content or personally identifiable information (PII). Robyn Greene of New America’s Open Technology Institute wrote in June that Franken’s amendment (No. 2612) would clarify the definition for cybersecurity threat by establishing that an event or incident constitutes a threat – and triggers CISA’s authorizations – only if it is “reasonably likely to result in” harm.


“The open government community has joined with privacy and civil liberties defenders, security experts, and tech companies to voice opposition to this bill ,” according to Patrice McDermott, Executive Director of “Among other serious concerns, passing CISA would give the Senate Select Committee on Intelligence (SSCI) jurisdiction over FOIA , which could in turn set a dangerous precedent for further weakening the law at the intelligence community’s will.”


The following organizations joined the letter:


American Civil Liberties Union
American-Arab Anti-Discrimination Committee
American Library Association
American Society of News Editors
Association of Alternative Newsmedia
Brennan Center for Justice
Campaign for Accountability
Citizens for Responsibility and Ethics in Washington (CREW)
Council on American-Islamic Relations
Constitution Project
New America’s Open Technology Institute
National Coalition for History
National Security Archive
National Security Counselors
Niskanen Center
PEN American Center
People For the American Way
Project On Government Oversight
Reporters Committee for Freedom of the Press
Restore The Fourth
R Street
Society for Professional Journalists
Sunlight Foundation
Transactional Records Access Clearinghouse, Syracuse University