Cybersecurity Legislation and the Privacy and Civil Liberties Oversight Board
Along with a lot of other privacy folks, I have a lot of concerns about the cybersecurity legislation moving through Congress. I had an op-ed in The Hill yesterday going through some of the concerns, notably the problems with the over broad “information sharing” provisions.
Writing the op-ed, though, prompted me to highlight one positive step that should happen in the course of the cybersecurity debate. The Privacy and Civil Liberties Oversight Board was designed in large part to address information sharing. This past Wednesday, the Senate Judiciary Committee had the hearing to consider the bipartisan slate of five nominees.
Here’s the point. The debate on CISPA and other cybersecurity legislation has highlighted all the information sharing that is going on already and that may be going on in the near future. The PCLOB is the institution designed to oversee problems with information sharing. So let’s confirm the nominees and get the PCLOB up and running as soon as possible.
The quality of the nominees is very high. David Medine, nominated to be Chair, helped develop the FTC’s privacy approach in the 1990’s and has worked on privacy compliance since, so he knows what should be done and what is doable. Jim Dempsey has been at the Center of Democracy and Technology for over 15 years, and is a world-class expert on government, privacy, and civil liberties. Pat Wald is the former Chief Judge of the DC Circuit. Her remarkably distinguished career includes major experience on international human rights issues. I don’t have experience with the other two nominees, but the hearing exposed no red flags for any of them.
The debates about cybersecurity legislation show the centrality of information sharing to how government will respond to cyber-threats. So we should have the institution in place to make sure that the information sharing is done in a lawful and sensible way, to be effective and also to protect privacy and civil liberties.