A new federal cybersecurity law has been introduced by President Donald Trump that aims to make it easier for law enforcement agencies to gather and share data on the criminal activity that’s taking place online.
But cybersecurity experts say that this bill is not strong enough.
Here are the major takeaways.
The bill, which is the first of its kind in the country, would require cybersecurity companies to share information with law enforcement without a warrant, with the promise that “no information shared shall be used, shared, or retained in a manner that would permit the identification or attribution of any cybercrime.”
The bill, signed into law by Trump on Friday, requires law enforcement to get a warrant to access private information on their computers or mobile devices.
The government will also need to obtain a court order to access information that is stored or transmitted online.
The legislation has been called a “war on whistleblowers.”
But critics have argued that the law doesn’t go far enough.
The Electronic Frontier Foundation (EFF), which is an advocacy group that is critical of the bill, argued in a blog post on Friday that it is “a clear victory for authoritarian governments in cyberspace” who seek to use data-mining laws to crack down on dissent.
The EFF argues that it’s important for the Trump administration to take a more aggressive stance on cybersecurity because “it has a real opportunity to deter the proliferation of this threat to our national security.”
“It’s a good idea to require law enforcement, instead of the private sector, to get the court order for a warrant,” EFF senior policy counsel Brad Heath wrote.
“But there is a lot of risk in getting the government to the point where it can actually go after criminals.
The bill fails to adequately address this risk, and so far it has done little to deter criminals from stealing our secrets and leaking them to the world.”
The ACLU of Southern California wrote in a statement that the bill “represents an effort to weaken the security of our systems and undermine the basic freedoms that make our democracy so important.”
“There are serious problems with the bill and it’s an overreach to police the internet for criminals, who should be prosecuted, not protected,” ACLU of Los Angeles policy counsel Mark Jaycox said.
“If we want to protect privacy and civil liberties, we should focus on making sure that cybercriminals can’t break into our computers or steal our private information.”
A bipartisan group of senators wrote in support of the new law in a letter sent to Trump on Saturday.
“We applaud the President for signing this bill,” the letter stated.
“This law is important because it will increase our ability to detect cybercrime, as well as help us protect our critical infrastructure, from malicious cyber actors.”
“We support the President’s decision to sign this legislation, which would help make our internet safer and allow our businesses to function without fear of cyberattacks,” Sen. Ron Wyden, D-Ore., a member of the Senate intelligence committee, said in a news release.
“While the law does not require a warrant before accessing data, it will allow the Government to obtain the warrant it needs to access a customer’s personal information without fear that the government may use the information to identify them as a cybercriminal.
The legislation will also make it much easier for businesses to report cybercrime to the FBI.”
Wyden and Rep. Chris Van Hollen, D, Md., a senior member of House intelligence committee who is a former director of national intelligence, also expressed support for the bill.
“Cybersecurity is one of the biggest challenges we face today,” Van Hollent said in the statement.
“It’s an urgent national security issue that is not going away.”
Other bills in Congress that could impact cybersecurity include the National Defense Authorization Act, the Homeland Security Appropriations Act, and the Defense Authorization Amendments Act, which also passed the House and Senate last week.