Privacy advocates are stepping up their lobbying efforts against the controversial cyber threat information sharing bill currently in Congress after several tech giants indicated their support.
Activist group Fight for the Future criticized Salesforce for supporting legislation which would "grant blanket immunity for American companies to participate in government mass surveillance programs like PRISM, without meaningfully addressing any of the fundamental cyber security problems we face in the U.S." Accordingly, Fight for the Future said it will abandon the Heroku cloud application platform within the next 90 days and encourages others to follow suit. The letter to Salesforce CEO Marc Benioff was posted on the site YouBetrayedUs.org.
Fight for the Future is calling for Web developers and organizations "to boycott Heroku/Salesforce due to their support for this bad bill," Evan Greer, the group's CTO, said in an email.
The bill in question is the Cybersecurity Information Sharing Act (CISA), which has been the subject of intense lobbying by privacy groups and security experts over the past few months. Co-sponsored by Sens. Dianne Feinstein (D-Calif.) and Richard Burr (R-N.C.), the bipartisan bill is meant to improve public and private sector cyber security by creating incentives for businesses to share threats information with each other and with government agencies. A voluntary program, the bill sets up incentives for businesses to share threat information with each other and with government agencies, which would eventually result in tools and data to protect business and government networks.
The lawmakers may be calling the bill an information-sharing bill, but a government surveillance bill by any other name is just as dangerous. The Center for Democracy and Technology has said the bill's "broad use permissions suggest that the legislation is as much about surveillance as it is about cyber security."
The draft bill has pitted privacy advocates and security professionals against businesses. Privacy advocates say the bill could result in companies improperly sharing individuals' sensitive personal information with the government -- including law enforcement and surveillance agencies. Businesses, on the other hand, support the bill as it includes liability protections for those participating in the voluntary information sharing program.
Last week, 13 tech companies and the BSA | Software Alliance, a consortium of software companies, sent a letter to Congress asking lawmakers to act on cyber security legislation which "will have an immediate positive action on the digital economy."
CISA "will promote cyber security and protect sensitive information by enabling private actors in possession of information about vulnerability and intrusions to more easily share that information voluntarily with others under threat, thus enabling the development of better solutions faster," the letter said. It was signed by executives from Adobe, Altium, Apple, Autodesk, CA Technologies, DataStax, IBM, Microsoft, Minitab, Oracle, Salesforce, Siemens, and Symantec, along with the president and CEO of BSA. Although Google and Facebook have voiced support for CISA in the past, they were not part of this letter.
Sign up for CIO Asia eNewsletters.