Privacy is killed once more.
Update: As expected, President Obama has just signed the bill, enacting both the $1.1 trillion budget and CISA.
In a nutshell, CISA was meant to allow companies to share information on cyber attacks — including data from private citizens — with other companies and the Department of Homeland Security. Once DHS had all the pertinent details, they could be passed along to the FBI and NSA for further investigation and, potentially, legal action.
[A] previously held prohibition against sharing information with the NSA has been removed… More importantly, the provision that required personal information to be scrubbed from cybersecurity reports also seems to have gone missing, leaving that task up to the discretion of which ever agency gets their hands on it. While the federal government has been trying to toughen its stance on cybersecurity in the wake of massive hacks on the Office of Personnel Management and Sony, we wound up with an even more effete version of a questionable plan that will soon become law.
via Budget bill heads to President Obama's desk with CISA intact.
Ughhhh.
HT Ankur