The perils of legislating security
Though some in infosec have criticized Congress for failing to produce a cybersecurity bill that can pass, others would prefer nothing reaches fruishion. The reason: Congress keeps pumping out legislation that does little to bolster security and much to give the government unlimited power to invade our privacy. For an example of the surreal, take a look at the current version of the Cyber Intelligence Sharing and Protection Act (CISPA).
As written, it would allow private companies to share a wide range of customer information they deem to be related to cyberthreats with U.S. agencies like the National Security Agency.
"It still allows massive amounts of private user data to be shared with secretive agencies," says Evan Greer, campaign manager at digital rights group Fight for the Future.