Hi NNSquad-ers, EFF is looking for academics and industry professionals to sign the attached letter expressing concern about some of the proposed "cybersecurity" legislation currently being debated in the US Congress. Some prominent people have signed already, including Bruce Schneier. This legislation is vague, and has a number of alarming provisions, including allowing companies to perform mass surveillance and operate countermeasures over their networks with impunity, and allows these companies to share raw data with federal agencies. The bills effectively nullify existing wiretapping and privacy laws so long as monitoring happens for a vaguely-defined "cybersecurity" purpose. We think this could lead to more disruptive effects down the line, or even quite soon, given that it's unclear what is actually being talked about in the bill.
If you agree with our concerns and would like to sign on to our letter, let me know by private email ([email protected]) by Sunday morning 9am Pacific US time, and include your title or how you would like to be listed. Because there are many "cybersecurity" bills currently being debated in the US House and Senate, the letter is generally framed in opposition to bad aspects of the bills, though it calls out two current proposals that are particularly bad and close to passing: CISPA (H.R. 3523) in the House, and "Secure IT Act" (S. 2151) in the Senate. CISPA hits the floor of the house next week. The letter is intended to be simple and focused on the civil liberties issues that stem from the broadness of the bills. It does not talk about technical problems with deploying IDS/IPS in the private sector (for a discussion of this, see, e.g. http://harvardnsj.org/wp-content/uploads/2012/01/Vol.-3_Bellovin_Bradner_Diffie_Landau_Rexford1.pdf) or other legitimate technical concerns about effectiveness. We certainly encourage people to raise these concerns separately. For a more detailed discussion of some of the civil liberties implications and other analyses, please see the following articles: https://www.eff.org/deeplinks/2012/03/dangerously-vague-cybersecurity-legislation https://www.eff.org/deeplinks/2012/03/rogers-cybersecurity-bill-broad-enough-use-against-wikileaks-and-pirate-bay https://www.eff.org/deeplinks/2012/03/four-unanswered-questions-about-cybersecurity-bills For discussions of CISPA in particular, see: https://www.eff.org/deeplinks/2012/04/cybersecurity-bill-faq-disturbing-privacy-dangers-cispa-and-how-you-stop-it https://www.eff.org/deeplinks/2012/04/eff-opposes-cispa-hackers-and-founders-panel https://cyberspying.eff.org/ Thanks, Dan Auerbach [email protected] Staff Technologist -- Dan Auerbach <[email protected]> Staff Technologist https://www.eff.org/ Electronic Frontier Foundation https://www.eff.org/join 454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x134 -- Dan Auerbach <[email protected]> Staff Technologist https://www.eff.org/ Electronic Frontier Foundation https://www.eff.org/join 454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x134
cybersecurity-professionals-letter-simple-2.rtf
Description: RTF file
_______________________________________________ nnsquad mailing list http://lists.nnsquad.org/mailman/listinfo/nnsquad
