Category Archives: Cyberwarfare

‘Back on Track’: Sally Yates to Testify Publicly in House Russia Probe

Former acting attorney general was originally slated to testify in March, but then-lead investigator Rep. Devin Nunes (R-Calif.) canceled the hearing

By Nadia Prupis, staff writer for Common Dreams. Published 4-21-2017

Photo: Screengrab of C-SPAN

Former Acting Attorney General Sally Yates has been invited to testify publicly before Congress on the investigation into alleged Russian election meddling.

The hearing is expected to take place after May 2. Former CIA director John Brennan and former director of national intelligence James Clapper are also scheduled to testify.

Yates was originally set to appear before the House Intelligence Committee in March, but the hearing was canceled by then-lead investigator Rep. Devin Nunes (R-Calif.), who has since stepped down amid accusations of ethics violations. Continue reading

Share

House Intel Committee Gives Trump Monday Deadline for Wiretapping Proof

“The only question is why the president would make up such a thing,” says Rep. Adam Schiff of California

By Deirdre Fulton, staff writer for Common Dreams. Published 3-12-2017

The White House has been asked by lawmakers to produce evidence of President Donald Trump’s wiretapping claims.

Leading members of the House Intelligence Committee have demanded that President Donald Trump provide evidence by Monday of his claim that Trump Tower was wiretapped—possibly by former President Barack Obama.

The Associated Press reported Saturday that committee chairman, Devin Nunes of California, and the panel’s ranking Democrat, Adam Schiff of California, made the request in a letter sent to the White House last week.

Other lawmakers have made similar demands, including U.S. Senators Lindsey Graham (R-S.C.) and Sheldon Whitehouse (D-R.I.), as Common Dreams reported Wednesday.  Continue reading

Share

The Manchurian President

A classic Hollywood political thriller may tell us more about what’s happening in America than any history book.

By Neal Gabler. Published 2-22-2017 by BillMoyers.com

Opening scene from The Manchurian Candidate. Photo: YouTube

As the Trump presidency unravels, unraveling the country along with it, there is no real political antecedent, no lessons from American history on which to draw and provide guidance. We are in entirely uncharted waters.

But there is an antecedent in our popular culture that provides a prism through which to view the contemporary calamity, especially the alleged collusion between Trump’s henchmen and Russian intelligence to deny Hillary Clinton the presidency. I am not the first observer who has noted the relevance of the movie The Manchurian Candidate. But the relevance is more than skin or celluloid deep. It goes to the very heart of this bizarre and frightening political moment. Continue reading

Share

How vulnerable to hacking is the US election cyber infrastructure?

Richard Forno, University of Maryland, Baltimore County

Voting stand and the notorious "butterfly ballot", from Palm Beach County from the disputed 2000 U.S. Presidential election. Photo: Infrogmation (Own work) [CC BY 2.5 ], via Wikimedia Commons

Voting stand and the notorious “butterfly ballot”, from Palm Beach County from the disputed 2000 U.S. Presidential election. Photo: Infrogmation (Own work) [CC BY 2.5], via Wikimedia Commons

Following the hack of Democratic National Committee emails and reports of a new cyberattack against the Democratic Congressional Campaign Committee, worries abound that foreign nations may be clandestinely involved in the 2016 American presidential campaign. Allegations swirl that Russia, under the direction of President Vladimir Putin, is secretly working to undermine the U.S. Democratic Party. The apparent logic is that a Donald Trump presidency would result in more pro-Russian policies. At the moment, the FBI is investigating, but no U.S. government agency has yet made a formal accusation.

The Republican nominee added unprecedented fuel to the fire by encouraging Russia to “find” and release Hillary Clinton’s missing emails from her time as secretary of state. Trump’s comments drew sharp rebuke from the media and politicians on all sides. Some suggested that by soliciting a foreign power to intervene in domestic politics, his musings bordered on criminality or treason. Trump backtracked, saying his comments were “sarcastic,” implying they’re not to be taken seriously.

Of course, the desire to interfere with another country’s internal political processes is nothing new. Global powers routinely monitor their adversaries and, when deemed necessary, will try to clandestinely undermine or influence foreign domestic politics to their own benefit. For example, the Soviet Union’s foreign intelligence service engaged in so-called “active measures” designed to influence Western opinion. Among other efforts, it spread conspiracy theories about government officials and fabricated documents intended to exploit the social tensions of the 1960s. Similarly, U.S. intelligence services have conducted their own secret activities against foreign political systems – perhaps most notably its repeated attempts to help overthrow pro-communist Fidel Castro in Cuba.

Although the Cold War is over, intelligence services around the world continue to monitor other countries’ domestic political situations. Today’s “influence operations” are generally subtle and strategic. Intelligence services clandestinely try to sway the “hearts and minds” of the target country’s population toward a certain political outcome.

What has changed, however, is the ability of individuals, governments, militaries and criminal or terrorist organizations to use internet-based tools – commonly called cyberweapons – not only to gather information but also to generate influence within a target group.

So what are some of the technical vulnerabilities faced by nations during political elections, and what’s really at stake when foreign powers meddle in domestic political processes?

Ohio citizens using electronic voting machines during the 2012 presidential election. Aaron Josefczyk/Reuters

Vulnerabilities at the electronic ballot box

The process of democratic voting requires a strong sense of trust – in the equipment, the process and the people involved.

One of the most obvious, direct ways to affect a country’s election is to interfere with the way citizens actually cast votes. As the United States (and other nations) embrace electronic voting, it must take steps to ensure the security – and more importantly, the trustworthiness – of the systems. Not doing so can endanger a nation’s domestic democratic will and create general political discord – a situation that can be exploited by an adversary for its own purposes.

As early as 1975, the U.S. government examined the idea of computerized voting, but electronic voting systems were not used until Georgia’s 2002 state elections. Other states have adopted the technology since then, although given ongoing fiscal constraints, those with aging or problematic electronic voting machines are returning to more traditional (and cheaper) paper-based ones.

New technology always comes with some glitches – even when it’s not being attacked. For example, during the 2004 general election, North Carolina’s Unilect e-voting machines “lost” 4,438 votes due to a system error.

But cybersecurity researchers focus on the kinds of problems that could be intentionally caused by bad actors. In 2006, Princeton computer science professor Ed Felten demonstrated how to install a self-propagating piece of vote-changing malware on Diebold e-voting systems in less than a minute. In 2011, technicians at the Argonne National Laboratory showed how to hack e-voting machines remotely and change voting data.

Voting officials recognize that these technologies are vulnerable. Following a 2007 study of her state’s electronic voting systems, Ohio Secretary of State Jennifer L. Brunner announced that

the computer-based voting systems in use in Ohio do not meet computer industry security standards and are susceptible to breaches of security that may jeopardize the integrity of the voting process.

As the first generation of voting machines ages, even maintenance and updating become an issue. A 2015 report found that electronic voting machines in 43 of 50 U.S. states are at least 10 years old – and that state election officials are unsure where the funding will come from to replace them.

A rigged (and murderous) voting machine on ‘The Simpsons’ satirized the issue in 2008.

Securing the machines and their data

In many cases, electronic voting depends on a distributed network, just like the electrical grid or municipal water system. Its spread-out nature means there are many points of potential vulnerability.

First, to be secure, the hardware “internals” of each voting machine must be made tamper-proof at the point of manufacture. Each individual machine’s software must remain tamper-proof and accountable, as must the vote data stored on it. (Some machines provide voters with a paper receipt of their votes, too.) When problems are discovered, the machines must be removed from service and fixed. Virginia did just this in 2015 once numerous glaring security vulnerabilities were discovered in its system.

Once votes are collected from individual machines, the compiled results must be transmitted from polling places to higher election offices for official consolidation, tabulation and final statewide reporting. So the network connections between locations must be tamper-proof and prevent interception or modification of the in-transit tallies. Likewise, state-level vote-tabulating systems must have trustworthy software that is both accountable and resistant to unauthorized data modification. Corrupting the integrity of data anywhere during this process, either intentionally or accidentally, can lead to botched election results.

However, technical vulnerabilities with the electoral process extend far beyond the voting machines at the “edge of the network.” Voter registration and administration systems operated by state and national governments are at risk too. Hacks here could affect voter rosters and citizen databases. Failing to secure these systems and records could result in fraudulent information in the voter database that may lead to improper (or illegal) voter registrations and potentially the casting of fraudulent votes.

And of course, underlying all this is human vulnerability: Anyone involved with e-voting technologies or procedures is susceptible to coercion or human error.

Voting machines in the warehouse before they are sent out to local precincts. Chris Keane/Reuters

How can we guard the systems?

The first line of defense in protecting electronic voting technologies and information is common sense. Applying the best practices of cybersecurity, data protection, information access and other objectively developed, responsibly implemented procedures makes it more difficult for adversaries to conduct cyber mischief. These are essential and must be practiced regularly.

Sure, it’s unlikely a single voting machine in a specific precinct in a specific polling place would be targeted by an overseas or criminal entity. But the security of each electronic voting machine is essential to ensuring not only free and fair elections but fostering citizen trust in such technologies and processes – think of the chaos around the infamous hanging chads during the contested 2000 Florida recount. Along these lines, in 2004, Nevada was the first state to mandate e-voting machines include a voter-verified paper trail to ensure public accountability for each vote cast.

Proactive examination and analysis of electronic voting machines and voter information systems are essential to ensuring free and fair elections and facilitating citizen trust in e-voting. Unfortunately, some voting machine manufacturers have invoked the controversial Digital Millennium Copyright Act to prohibit external researchers from assessing the security and trustworthiness of their systems.

However, a 2015 exception to the act authorizes security research into technologies otherwise protected by copyright laws. This means the security community can legally research, test, reverse-engineer and analyze such systems. Even more importantly, researchers now have the freedom to publish their findings without fear of being sued for copyright infringement. Their work is vital to identifying security vulnerabilities before they can be exploited in real-world elections.

Because of its benefits and conveniences, electronic voting may become the preferred mode for local and national elections. If so, officials must secure these systems and ensure they can provide trustworthy elections that support the democratic process. State-level election agencies must be given the financial resources to invest in up-to-date e-voting systems. They also must guarantee sufficient, proactive, ongoing and effective protections are in place to reduce the threat of not only operational glitches but intentional cyberattacks.

Democracies endure based not on the whims of a single ruler but the shared electoral responsibility of informed citizens who trust their government and its systems. That trust must not be broken by complacency, lack of resources or the intentional actions of a foreign power. As famed investor Warren Buffett once noted, “It takes 20 years to build a reputation and five minutes to ruin it.”

In cyberspace, five minutes is an eternity.

The Conversation

Richard Forno, Senior Lecturer, Cybersecurity & Internet Researcher, University of Maryland, Baltimore County

This article was originally published on The Conversation. Read the original article.

Share

Leaked Encryption Draft Bill ‘Ignores Economic, Security, and Technical Reality’

“This bill makes effective cybersecurity illegal.”

By Andrea Germanos, staff writer for Common Dreams. Published 4-8-2016

"This bill is a clear threat to everyone's privacy and security," said Neema Singh Guliani, legislative counsel with the ACLU. (Photo: Laura Bittner/flickr/cc)

“This bill is a clear threat to everyone’s privacy and security,” said Neema Singh Guliani, legislative counsel with the ACLU. (Photo: Laura Bittner/flickr/cc)

A draft of a proposed bill mandating companies give, under a court order, the government access to encrypted data is being derided by technology experts as “ludicrous,” as it “ignores technical reality” and threatens everyone’s security.

The Hill reports that it obtained a discussion draft of the legislation, and others have posted the purported 9-page draft online.

The bill’s proposers, Senators Richard Burr (R-North Carolina), Chair of the Senate Intelligence Committee, and Dianne Feinstein (D-California), top Democratic on the committee, neither disavowed the document nor confirmed its legitimacy, the Wall Street Journal reports. Continue reading

Share

Chomsky: Israel Acquiring Nuclear-Armed Submarines for Possible Attack on Iran

By Claire Bernish. Published 4-6-2016 by The Anti-Media

Israeli soldiers standing on a Dolphin-class submarine. Photo: Israel Defense Forces (The Chief of Staff Tours Israel's Naval Bases) [CC BY-SA 2.0], via Wikimedia Commons

Israeli soldiers standing on a Dolphin-class submarine. Photo: Israel Defense Forces (The Chief of Staff Tours Israel’s Naval Bases) [CC BY-SA 2.0], via Wikimedia Commons

Professor Noam Chomsky offered several alarming insights about Israel’s possible true intentions surrounding Iran — and why we all should be concerned. In an interview with AcTVism Munich’s Zain Raza, Chomsky explained what happens to submarines Germany sends to Israel:

“These dolphin class submarines that Germany is providing to Israel are instantly refitted in Israel to have nuclear weapons capacity, and that’s not aimed at defense of Israel. They are meant for attack, that’s what they are. And we know what attack they’re aimed for in the short run: an attack on Iran in the Gulf. That’s a terrible threat, not only to Iranians, but to the world.” Continue reading

Share

In FBI versus Apple, government strengthened tech’s hand on privacy

Written by Rahul Telang. Published 2-25-2016 by The Conversation.

The ongoing fight between Apple and the FBI over breaking into the iPhone maker’s encryption system to access a person’s data is becoming an increasingly challenging legal issue.

With a deadline looming, Apple filed court papers explaining why it is refusing to assist the FBI in cracking a password on an iPhone used by one of the suspects in the San Bernardino shooting. CEO Tim Cook has declared he will take the case all the way to the Supreme Court.

The tech company now wants Congress to step in and define what can be reasonably demanded of a private company, though perhaps it should be careful what it wishes for, considering lawmakers have introduced a bill that compels companies to break into a digital device if the government asks.

But there is an irony to this debate. Government once pushed industry to improve personal data privacy and security – now it’s the tech companies who are trumpeting better security. My own research has highlighted this interplay among businesses, users and regulators when comes to data security and privacy.

For consumers, who in coming years will see ever more of their lives take place in the digital realm, this heightened attention on data privacy is a very good thing.

The heart of the case is the phone of a suspect in the San Bernardino shootings. Reuters

The business case for better privacy grows

Not too long ago, everyone seemed to be bemoaning that companies aren’t doing enough to protect customer security and privacy.

The White House, for example, published a widely cited report saying that the lack of online privacy is essentially a market failure. It highlighted that users simply are in no position to control how their data are collected, analyzed and traded. Thus, a market-based approach to privacy will be ineffective, and regulations were necessary to force firms to to protect the security and privacy of consumer data.

The tide seems to have turned. Repeated stories on data breaches and privacy invasion, particularly from former NSA contractor Edward Snowden, appears to have heightened users’ attention to security and privacy. Those two attributes have become important enough that companies are finding it profitable to advertise and promote them.

Apple, in particular, has highlighted the security of its products recently and reportedly is doubling down and plans to make it even harder for anyone to crack an iPhone.

Whether it is through its payment software or operating system, Apple has emphasized security and privacy as an important differentiator in its products. Of course, unlike Google or Facebook, Apple does not make money using customer data explicitly. So it may have more incentives than others to incorporate these features. But it competes directly with Android and naturally plays an important role in shaping market expectation on what a product and service should look like.

These features possibly play an even more critical role outside the U.S. where privacy is under threat not only from online marketers and hackers but also from governments. In countries like China, where Apple sells millions of iPhones, these features potentially are very attractive to end users to keep their data private from prying eyes of authorities.

Consumers are demanding more security, something Apple has taken to heart. Reuters

Regulators hum a different tune

It is clear that Apple is offering strong security to its users, so much so that FBI accuses it of using it as a marketing gimmick.

It seems we have come a full circle in the privacy debate. A few years ago, regulators were lamenting how businesses were invading consumers’ privacy, lacked the proper incentives to do so and how markets needed stronger rules to make it happen. Today, some of the same regulators are complaining that products are too secure and firms need to relax it in some special cases.

While the legality of this case will likely play out over time, we as end users can feel better that in at least in some markets, companies are responding to a growing consumer demand for products that more aggressively protect our privacy. Interestingly, Apple’s mobile operating system, iOS, offers security by default and does not require users to “opt-in,” a common option in most other products. Moreover, these features are available to every user, whether they explicitly want it or not, suggesting we may be moving to a world in which privacy is fundamental.

Apple CEO Tim Cook has promised to take the fight all the way to the Supreme Court if he must. Reuters

Data sharing gets complicated

At its core, this debate also points to a larger question over how a public-private partnership should be structured in a cyberworld and how and when a company needs to share details with either the government or possibly with other businesses for the public good.

When Google servers were breached in China in 2010, similar questions arose. United States government agencies wanted access to technical details on the breach so it could investigate the perpetrators more thoroughly to unearth possible espionage attempts by Chinese hackers. The breach appeared to be aimed at learning the identities of Chinese intelligence operatives in the U.S. that were under surveillance.

Information sharing on data breaches and security infiltration is something the government has widely encouraged, last year passing the Cybersecurity Information Sharing Act of 2015 to encourage just that.

Unfortunately, various government agencies themselves have become self-interested parties in this game. In particular, the Snowden disclosures revealed that many government agencies conduct extensive surveillance on citizens, which arguably not only undermine our privacy but compromise our entire information security infrastructure.

These agencies, including the FBI in the current case, may have good intentions, but all of this has finally given profit-maximizing companies the right incentives they need to do what the regulators once wanted. Private businesses now have little incentive to get caught up in the bad press that usually follows disclosures like Snowden’s, so it’s no wonder they want to convince their customers that their data are safe and secure, even from the government.

With cybersecurity becoming a tool for government agencies to wage war with other nation-states, it is no surprise that companies want to share less, not more, even with their own governments.

The battle ahead

This case is obviously very specific. I suspect that, in this narrow case, Apple and law enforcement agencies will find a compromise.

But the Apple brand has likely strengthened. In the long run, its loyal customers will reward it for putting them first.

However, this question is not going away anywhere. With the “Internet of things” touted as the next big revolution, more and more devices will capture our very personal data – including our conversations.

This case could be a precedent-setting event that can reshape how our data are stored and managed in the future. But at least for now, some of the companies appear to be – or least say they want to be – on our side in terms protecting our privacy.

About the Author:
 is Professor of Information Systems and Management, Carnegie Mellon University.

Share

The American War Machine Finally Stopped Pretending to Care About Your Safety

By Claire Bernish. Published 1-11-2016 at The Anti-Media

A sea of graves spreads across the Fort Snelling National Cemetery landscape. (Photo author's own work.)

A sea of graves spreads across the Fort Snelling National Cemetery landscape. (Photo MNgranny)

Economic opportunism, or more accurately, profit opportunism, best describes the foundation on which the war machine sustains its existence; and a recent report for ‘defense’ industry investors lays bare this callous reality.

“The Islamic State (ISIS) has become a key threat in Syria, Iraq, and Afghanistan and is involved in exporting terrorism to Europe, Africa, and elsewhere. The recent tragic bombings in Paris, Beirut, Mali, the Sinai Peninsula, and other places have emboldened nations to join in the fight against terrorism,” reads the report from the accounting firm Deloitte. “Several governments affected by these threats are increasing their defense budgets to combat terrorism and address sovereign security matters, including cyber-threats. For defense contractors, this represents an opportunity to sell more equipment and military weapons systems.” Continue reading

Share

New Docs Reveal NSA Never Ended Bulk Email Collection, Just Hid It Better

Agency shut down email surveillance in 2011, only to relaunch it under different intelligence laws

By Nadia Prupis, staff writer for Common Dreams. Published 11-20-2015

The National Security Agency headquarters at night. (Photo: CreativeTime Reports/flickr/cc)

The National Security Agency headquarters at night. (Photo: CreativeTime Reports/flickr/cc)

The National Security Agency (NSA) secretly replaced its program monitoring Americans’ emails and moved it overseas before the operation was exposed by Edward Snowden in 2013, according to new reporting.

NSA officials responded to Snowden’s leaks by stating that the email records program had shut down in 2011—and in a way, it had. But newly released documents show the agency had simply created a “functional equivalent” that analyzed Americans’ emails without collecting bulk data from U.S. telecommunications companies, the New York Times reported on Friday. Continue reading

Share

‘Codifying’ Government Surveillance, Senate Passes CISA

“If President Obama does not veto this bill, he’ll be showing that his administration never truly cared about the open Internet,” rights group says

Written by Nadia Prupis. Published 10-27-2015 by Common Dreams.

The U.S. Senate approved CISA on Tuesday. (Screenshot)

The U.S. Senate approved CISA on Tuesday. (Screenshot)

Update:
The U.S. Senate on Tuesday passed the Cybersecurity Information Sharing Act (CISA) without any of the proposed amendments that would have strengthened user protections. The bill passed 74-21 (see the roll call here).

Rights groups immediately called for President Barack Obama to veto the bill and vowed to keep pressure up.

“Every senator supporting #CISA today voted against a world with freedom, democracy, and basic human rights,” tweeted digital rights organization Fight for the Future. “If President Obama does not veto this bill, he’ll be showing that his administration never truly cared about the open Internet.”

“This vote will go down as the moment Congress codified the US government’s unconstitutional spying. A sad day for the Internet,” the group added.

In their response to CISA’s passage in the Senate, the Electronic Frontier Foundation marked its disappointment and said: “The bill is fundamentally flawed due to its broad immunity clauses, vague definitions, and aggressive spying authorities.”

With the bill now moving to conference committee, but EFF expressed no confidence that the bill would be improved.

“The passage of CISA reflects the misunderstanding many lawmakers have about technology and security,” EFF continued. “Computer security engineers were against it.  Academics were against it. Technology companies, including some of Silicon Valley’s biggest like Twitter and Salesforce, were against it. Civil society organizations were against it. And constituents sent over 1 million faxes opposing CISA to Senators.”

EFF vowed that the fight against the bill would continue through the conference committee process, where it will urge lawmakers to add pro-privacy provisions. “We will never stop fighting for lawmakers to either understand technology or understand when they need to listen to the people who do,” the group said.

The official Senate roll call to the vote follows:

Alphabetical by Senator Name

Alexander (R-TN), Yea
Ayotte (R-NH), Yea
Baldwin (D-WI), Nay
Barrasso (R-WY), Yea
Bennet (D-CO), Yea
Blumenthal (D-CT), Yea
Blunt (R-MO), Yea
Booker (D-NJ), Nay
Boozman (R-AR), Yea
Boxer (D-CA), Yea
Brown (D-OH), Nay
Burr (R-NC), Yea
Cantwell (D-WA), Yea
Capito (R-WV), Yea
Cardin (D-MD), Nay
Carper (D-DE), Yea
Casey (D-PA), Yea
Cassidy (R-LA), Yea
Coats (R-IN), Yea
Cochran (R-MS), Yea
Collins (R-ME), Yea
Coons (D-DE), Nay
Corker (R-TN), Yea
Cornyn (R-TX), Yea
Cotton (R-AR), Yea
Crapo (R-ID), Nay
Cruz (R-TX), Not Voting
Daines (R-MT), Nay
Donnelly (D-IN), Yea
Durbin (D-IL), Yea
Enzi (R-WY), Yea
Ernst (R-IA), Yea
Feinstein (D-CA), Yea
Fischer (R-NE), Yea
Flake (R-AZ), Yea
Franken (D-MN), Nay
Gardner (R-CO), Yea
Gillibrand (D-NY), Yea
Graham (R-SC), Not Voting
Grassley (R-IA), Yea
Hatch (R-UT), Yea
Heinrich (D-NM), Yea
Heitkamp (D-ND), Yea
Heller (R-NV), Nay
Hirono (D-HI), Yea
Hoeven (R-ND), Yea
Inhofe (R-OK), Yea
Isakson (R-GA), Yea
Johnson (R-WI), Yea
Kaine (D-VA), Yea
King (I-ME), Yea
Kirk (R-IL), Yea
Klobuchar (D-MN), Yea
Lankford (R-OK), Yea
Leahy (D-VT), Nay
Lee (R-UT), Nay
Manchin (D-WV), Yea
Markey (D-MA), Nay
McCain (R-AZ), Yea
McCaskill (D-MO), Yea
McConnell (R-KY), Yea
Menendez (D-NJ), Nay
Merkley (D-OR), Nay
Mikulski (D-MD), Yea
Moran (R-KS), Yea
Murkowski (R-AK), Yea
Murphy (D-CT), Yea
Murray (D-WA), Yea
Nelson (D-FL), Yea
Paul (R-KY), Not Voting
Perdue (R-GA), Yea
Peters (D-MI), Yea
Portman (R-OH), Yea
Reed (D-RI), Yea
Reid (D-NV), Yea
Risch (R-ID), Nay
Roberts (R-KS), Yea
Rounds (R-SD), Yea
Rubio (R-FL), Not Voting
Sanders (I-VT), Nay
Sasse (R-NE), Yea
Schatz (D-HI), Yea
Schumer (D-NY), Yea
Scott (R-SC), Yea
Sessions (R-AL), Yea
Shaheen (D-NH), Yea
Shelby (R-AL), Yea
Stabenow (D-MI), Yea
Sullivan (R-AK), Nay
Tester (D-MT), Nay
Thune (R-SD), Yea
Tillis (R-NC), Yea
Toomey (R-PA), Yea
Udall (D-NM), Nay
Vitter (R-LA), Not Voting
Warner (D-VA), Yea
Warren (D-MA), Nay
Whitehouse (D-RI), Yea
Wicker (R-MS), Yea
Wyden (D-OR), Nay

Earlier:

As the U.S. Senate gears up for a vote on the controversial Cybersecurity Information Sharing Act (CISA) on Tuesday, privacy advocates are galvanizing an 11th-hour push against the bill they say does nothing more than expand government spying powers.

A slew of digital rights groups including Fight for the Future and the Electronic Frontier Foundation, along with whistleblower Edward Snowden and outspoken CISA opponent Sen. Ron Wyden (D-Ore.), joined forces Monday night for an Ask Me Anything (AMA) session on Reddit, which has also come out against the bill. The session was the latest action by civil society groups, activists, and tech companies calling on Congress to reject CISA for its anti-privacy provisions.

“CISA isn’t a cybersecurity bill,” Snowden wrote during the Q&A. “It’s not going to stop any attacks. It’s not going to make us any safer. It’s a surveillance bill.”

Supporters of CISA—including Sens. Dianne Feinstein (D-Calif.) and Richard Burr (R-N.C.)—say the bill would make it easier for tech companies to share data in cases of security breaches and other digital attacks. But critics say there aren’t enough safeguards in place to protect user privacy and the bill only works to serve intelligence agencies in domestic surveillance operations.

“What it allows is for the companies you interact with every day—visibly, like Facebook, or invisibly, like AT&T—to indiscriminately share private records about your interactions and activities with the government,” Snowden wrote on Monday. “CISA allows private companies to immediately share a perfect record of your private activities the instant you click a link, log in, make a purchase, and so on—and the government with reward for doing it by granting them a special form of legal immunity for their cooperation.”

Fight for the Future campaign director Evan Greer said the Senate’s vote on Tuesday “will go down in history as the moment that lawmakers decided not only what sort of Internet our children and our children’s children will have, but what sort of world they will live in.”

The campaigns, which are being waged under the hashtag #StopCISA, urge senators to oppose the bill and protect civil liberties.

Greer added, “Every Senator who votes for CISA will be voting for a world without freedom of expression, a world without true democracy, a world without basic human rights. And they will be voting for their own removal from office, because the Internet will not forget which side of history they stood on.”

Follow the #StopCISA hashtag Twitter feed for more.

This work is licensed under a Creative Commons Attribution-Share Alike 3.0 License.

Share