April 19, 2012, 8:32 PM — The White House joined the growing chorus of voices expressing concern over the proposed Cyber Intelligence Sharing and Protection Act (CISPA) legislation that is scheduled for a vote in the U.S. House of Representatives next week.
The bill would allow Internet service providers and Internet companies such as Google and Facebook to collect and share a wide range of user data with the government. Privacy and civil rights groups have blasted the bill , saying it would dismantle privacy protections and enable unprecedented surveillance of online activities under the pretext of cybersecurity.
Any cybersecurity legislation should include strong privacy protections, The Hill quoted Hayden as saying. "The nation's critical infrastructure cyber vulnerabilities will not be addressed by information sharing alone," she said in apparent reference to CISPA.
"Also, while information sharing legislation is an essential component of comprehensive legislation to address critical infrastructure risks, information sharing provisions must include robust safeguards to preserve the privacy and civil liberties of our citizens," Hayden is quoted as saying. "Legislation without new authorities to address our nation's critical infrastructure vulnerabilities, or legislation that would sacrifice the privacy of our citizens in the name of security, will not meet our nation's urgent needs."
Though the statement did not mention CISPA by name, Hayden's references to "information sharing" make clear that she is referring to CISPA because that is the only bill under consideration that calls for extensive sharing of information between the private sector and the government.
The White House's comments add to the crescendo of voices that are calling for CISPA to be stopped or seriously amended. U.S. Reps. Mike Rogers (R-Mich.) and Dutch Ruppersberger (D-Md.) introduced CISPA in the House in November.
The bill is designed to help improve cybersecurity by allowing Internet companies to monitor and collect any information on users that they think might pose a threat to their networks or systems.