The Electronic Frontier Foundation took issue with an amendment released by the sponsors of the Cyber Information Sharing Act (CISA) that it says previews the final version of CISA, saying that two such releases in two days “should be a sign to Senators that more debate is needed” on the bill.
The edits found in the latest release were to fix spelling and grammatical errors, but EFF pointed out that it also deleted “important reports about cybersecurity—one report on the risks to critical infrastructure and another on the government's adoption of security software,” according to a blog post penned by EFF Legislative Analyst Mark Jaycox. “If CISA is really about protecting computer security, then the deletion of these reports is uncalled for.”
Noting that bill doesn't fix “core privacy concerns” nor does it fix security issues such as unencrypted files and contractors clicking on malware links, the Jaycox wrote, the “new language further weakens the fundamentally flawed bill, which already suffers from broad immunity clauses, vague definitions, and aggressive spying authorities.”