The Senate is about to vote on a bill to reward companies that hand over your data to the NSA. We’re privacy advocates trying to stop it. Join us and call your lawmaker to vote no on the bill: https://stopcyberspying.com and https://decidethefuture.org

The reason you keep hearing about these bills is that we keep beating them. The other side has full time lobbyists pushing them every single day. We have you. But together, we keep winning.

With your help, we've stopped CISA, the Cybersecurity Information Sharing Act, and other "cybersecurity" bills for years; however, they keep on coming back. Last week, the Senate scheduled CISA for a final vote TOMORROW. We've been here before. And you already know the bill is a surveillance bill in disguise.

People have sent millions of faxes (you read that right) to Congress, tweeted at senators, sent emails, and made calls. Over 50 organizations and companies oppose the bill including Access, ACLU, EFF, FFTF, Apple, Yelp, Twitter, and Wikimedia.

Fortunately, CISA isn’t law yet, but it will have its final Senate vote this week and we need a dozen more senators to vote against it. Two things you can do right now:

Or just call this and we can connect you: 1-985-222-CISA

AMA

UPDATE: Our special guest and leading privacy advocate, Senator Wyden has joined the AMA. Please ask him questions! Here's the proof.

UPDATE 2(7:45 pm ET): Senator Wyden is now gone.

Answering questions today are: JaycoxEFF, nadia_k, NathanDavidWhite, fightforthefuture, evanfftf, astepanovich, DrewAccess, DSchuma.

Proof it's us: EFF, Access, Fight for the Future, FFTF here also, Demand Progress

You can read about why the bill is dangerous here. You can also find out more in this detailed chart (.pdf) comparing CISA to other bad cybersecurity bills.

Read the actual bill text here.

Comments: 1474 • Responses: 15  • Date: 

salt-the-skies2271 karma

I supported FFTF and EFF for a good while, but you basically campaigned me to death. I eventually had to unsubscribe from your emails as I wasn't even reading them any more... Because there were so many. I felt I was being spammed.

This doesn't mean I don't care, but only that I have human limits about things I can focus on and when I'm being bombarded frequently, even by positive information... It's tiring.

How do you intend to balance catching people's attention in the maelstrom that is the information age with overwhelming people in your attempts to do so? Do you feel I am an oddity and you do a good job overall? Do you see a need to improve your methodology?

Edit: I still support your cause, but now only through news articles and Reddit threads I happen to see.

fightforthefuture278 karma

As you can tell, we think it's important to reach out to folks about pressing issues, especially because email is still one of the most powerful ways to reach people, organize, and open up the political process. Ideally, and we're working on this and I know EFF and others are too, we figure out ways people DO want to help out and be informed about what's happening, like with either a mobile app or other notifications, and to get your specific feedback about what you don't want to hear about and what you do want to hear about. As we're trying to win on some of the biggest issues of the day that must be won and fought on, we have to build a system and movement together, so we hope you'll help us do that by giving us ways that you do want to be in touch and pitch in with contacts to decisionmakers.

No-Shit-Sherlock277 karma

Have you considered adding email notification settings like how it's done by non-charity sites/services?

E.g. For Steam (an online game store) I can go to their site and in my email settings there I am given a bunch of options (via checkboxes) so I can customize the type and frequency of email notifications I will be sent... such as "when an item on my wishlist is on sale send me a notification email". Facebook also has similar notification settings.

In your case, it certainly sounds like some people clearly want a "only send me emails for impending critical issues/votes" option or something similar.

ForeverIndex98 karma

Or like someone else suggested, maybe a monthly newsletter? That seems more appropriate and less invasive.

fightforthefuture81 karma

A monthly newsletter is good for a roundup but it isn't for taking action when it matters, as so much does change. It's something we'll most likely offer when we get a breather (we're smaller and a little younger but we'll definitely tackle this soon)/ We totally don't want to be reaching people who don't want to hear from us, so yeah we hope that only people who want to hear from us are on the list!

thedrexel124 karma

Why an app? This seems totally unnecessary and a waste of time/energy/$. Not everything needs an app.

fightforthefuture65 karma

Some people feel like it's the most seamless (not annoying) way for them to take action, it could be the most efficient way too -- see a notification, look at it, click to take action in one spot. It also means we don't have to depend on so many gatekeepers -- facebook, gmail, commercial email ISP's, etc. That said, we're wary of making something unnecessary and doing this in a lightweight way.

DNAtaurine2152 karma

What will it take to make this bill - or any slight variation of it - fuck off for good?

fightforthefuture1514 karma

I think we can put an end to CISA for good. We just need to kill it so bad that it becomes toxic and no one in Congress wants to go anywhere near it ever again. That's what happened to SOPA, so we know it's possible. The companies behind this would no doubt continue to try to sneak it through in some other form, but making Congress afraid to touch CISA or similar bills would be a huge step in the right direction.

ganooosh427 karma

Why isn't there some kind of rule to prevent failed legislation from being reintroduced so often?

fightforthefuture250 karma

It seems like we need something like that, though it would be quite the sea change. Right now, they keep bringing back failed legislation and in the last 24 hours of this fight, we really can't risk not signing petitions, calling, tweeting and sharing online like here on reddit (which turns out matter a lot) to make sure we kill this bill first. But, that's why we do need to change the way politics is done and not just money in politics, but open up the political process in millions of ways, including by demanding public accountability every step of the way using online and other means, and building a new kind of political movement that is resilient to the Chamber and other big industry doing this kind of thing, and passing possibly something like you suggest.

Organia258 karma

What companies want CISA to be passed?

fightforthefuture410 karma

Lots of big legacy monopolies like big banks, telecoms, and defense contractors. Most tech companies have come out against it for privacy reasons. We're hearing that Facebook is the lone major tech company that is quietly lobbying for it still.

MapLight has a good list of supporters (the opposition doesn't seem to be up to date): http://maplight.org/us-congress/bill/114-s-754/6636586/total-contributions

fightforthefuture38 karma

Also, it's many of the companies that seem to know the least or are the most reckless about privacy and security -- Chamber of Commerce, banks, Target, Experian. The Chamber themselves are the ones that lobbied to take out real cybersecurity measures like having good security, and helped to create this bill that goes beyond strict cyberthreat data sharing to expansive info-sharing with 7 federal agencies for more than just cybersecurity purposes.

mr_fingers87 karma

TL;DR?

fightforthefuture158 karma

CISA is a bill about to pass the Senate that gives companies legal immunity for violating privacy laws as long as they share data with the government. We're asking people to help us stop it.

WillCookForSex86 karma

Why would you say this is our one last chance when there have been many bills beforehand? You honestly believe if this gets voted down they won't try again? That's optimistic to the point of stupidity

fightforthefuture125 karma

It's more that CISA will pass on Tuesday if we don't do anything, and it is barrelling forward towards passage. We need to pull off senators who are on the fence to vote against CISA, or this bill becomes law. And, this fight is a bit different now. CISA has come up in the past, but dynamics are shifting against it right now with a bunch of big tech companies now saying it's bad for privacy. We're also just beginning to understand and relay the extent to which CISA is really about ramping up NSA power to bulk scrape Internet communications. The more we study this, the worse it seems and the more people and companies dislike it. See here: https://www.techdirt.com/articles/20151026/10050332638/reading-tea-leaves-to-understand-why-cisa-is-surveillance-bill.shtml

ken2723850 karma

Why do they do this? Do they actually think "maybe this time it will work!"?

Heptite91 karma

It's a well-established strategy that has gotten a lot of bad legislation through in the past. Just keep resurrecting the bad laws, sometimes in slightly different forms with new names, and wear out the opponents.

fightforthefuture96 karma

Yeah, they think they can wear us down. The only way to stop this for people to come out so strong against this that it becomes toxic and Congress never wants to touch it again.

fightforthefuture25 karma

The other side has lots of money to spend but even their game is getting split open more and more. But, as Evan from FFTF said: i think it's definitely true that there will always be an ongoing battle between forces of authoritarianism and those who advocate for freedom, but to paraphrase MLK the arc of moral history bends toward justice.

Koufaxisking18 karma

Who rules on these bills? Is it a senate/house committee or judge? This seems like something you could sue all the way up to the supreme court for unreasonable search type of deal.

fightforthefuture26 karma

CISA specifically exempts itself from FOIA, so it will be impossible to know what's being shared and what personal information is included. That will make it much more difficult to challenge through the courts.

ThaGovernator6 karma

First off, thank you for doing this AMA. It's good to know there are people out there fighting to defend us regular folks.

I do plan on calling my lawmaker and expressing my dissatisfaction with the proposed legislation, but I'm curious to know why these cyber bills keep coming up. I hear of the negatives, but are there any positives to it? (Besides helping the NSA, obviously).

Thanks!

fightforthefuture9 karma

Not really. CISA used to be attached to a larger bill that called on companies operating "crucial infrastructure" to follow basic cybersecurity standards. That seems like a good idea, but the US Chamber of Commerce lobbied hard to get that removed. There is literally nothing in the current form of CISA that would directly improve security on computer networks.

UCDC4 karma

Why can't we get a bill passed into law stating 'the privacy of the people on the internet shall not be infringed upon' or something like that?

fightforthefuture7 karma

How about something like this?:

"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

catsarefriends2 karma

Is it to the NSA? Or is it to the DHS which will act as an information sharing hub for cybersecurity defense among the private sector?

fightforthefuture3 karma

The information sharing hub would be run by DHS, but the bill calls for all information to be automatically shared with all other departments, including DoD/NSA. There is also an amendment that may pass that would add the FBI to the auto-share list.