Why won't Hillary Clinton take a stand on CISA? ("No comment.")

In the midst of a partisan battle over her emails, and a new AP report on United States cybersecurity faltering under her lead as Secretary of State, a new problem has emerged: Hillary Clinton refuses to comment on CISA, a bill that would hurt cybersecurity to facilitate mass surveillance. At a time when CISA is being rejected by other politicians, the public, security experts, and even the industry it's supposed to protect, Clinton's continued silence shows she's in the wrong place on cybersecurity. If Clinton wants to reclaim her credibility, she needs to take a stand against CISA!

Tell Clinton: Reject CISA and and stand up for *REAL* cybersecurity!

Dear Hillary Clinton, Please take a stand against CISA, a dangerous surveillance bill that will only damage cybersecurity in the United States. Many citizens, experts, and companies have come out against this legislation because it will expose more Americans' private information to foreign hackers and government monitoring. Opposing CISA will show that your campaign is turning a corner on cybersecurity competence and working to protect people's civil liberties. Thank you!

CISA is the opposite of cybersecurity.

Blanket immunity rewards security incompetence.

There are many ways a cybersecurity bill could protect us against foreign hackers. Congress could require government contractors to upgrade from outdated systems like Windows XP, or require companies to notify customers about security vulnerabilities if they can't be fixed within a reasonable amount of time. Basic security hygiene standards around storage of private user data could be established. Unfortunately CISA does none of these things, because government agencies and corporate lobbyists don't want to actually invest in network security. Instead, CISA lets companies get off the hook for the worst types of privacy violations, as long as they share data with the government.

Sharing data with the government puts us all at more risk.

CISA will put more private data in the hands of a staggeringly wide array of government agencies. Agencies like the Department of Commerce, the Department of Energy or the IRS are not equipped to safeguard this data—in fact, all of these agencies have been recently breached. How would giving more private sector data to the U.S. government protect our cybersecurity when these government agencies can't even protect the data they already have?

The FTC already has authority to regulate cybersecurity.

Cyber attacks aren't magic and hackers aren't wizards. Many of the biggest breaches could have been prevented if companies employed basic operational security measures, but companies have too much data and they're not taking security seriously. The FTC has the legal authority to investigate privacy breaches and impose fines and sanctions on companies in cases of negligence. The government already does it for oil spills, why not cybersecurity breaches? If companies faced strict penalties for exposing customers to identity theft, they would actually invest in security. This alone would stop hackers more than CISA ever could.

Dial 985-222-CISA to call Congress now.

Internet users demand meaningful cybersecurity legislation, not more mass surveillance. Millions have already spoken out, and there's still time to send Congress a clear message. Please call your representatives, and share this page to spread the word!

Share Tweet Email