A familiar, troubling path on cybersecurity

The Observer editorial board

Revelations about the NSA’s vast spying operation rocked Americans in 2013.
Revelations about the NSA’s vast spying operation rocked Americans in 2013. AP

Two years ago this week, a federal judge spoke for many Americans when he issued a scathing ruling on the National Security Agency’s collection of virtually all the country’s phone records.

“I cannot imagine a more ‘indiscriminate’ and ‘arbitrary invasion’ than this systematic and high tech collection and retention of personal data,” said Richard J. Leon, a judge on the U.S. District Court for the District of Columbia. “Surely, such a program infringes on ‘that degree of privacy’ that the founders enshrined in the Fourth Amendment.”

By then, Americans had been repeatedly stunned by revelations of the NSA’s mass surveillance programs. The ensuing backlash was so severe that the White House dialed back the agency’s reach.

It was a reminder of the abuses that can spring from power that isn’t properly checked. It also was a reminder about the importance of reconciling our fears with our rights.

It’s time to be reminded again.

A group of U.S. lawmakers are objecting this week to a major cybersecurity bill that was included in the omnibus spending package. House and Senate lawmakers had been working on the legislation since October, when the Senate passed its version of a cyber bill. That measure was combined with two House bills to make up the language in the omnibus package.

Cyber bill opponents say that language, which was intended to encourage companies to share “cyber threat indicators” with the Department of Homeland Security, is written so loosely that the NSA and other intelligence agencies could exploit loopholes to collect constitutionally protected information for surveillance purposes.

Critics also say the language allows the government to use those cyber threat indicators to investigate and prosecute a broad range of non-cyber crimes.

Just as troubling is how the bill was slipped into the omnibus package instead of being debated and voted upon the way such legislation should be. It’s a maneuver that’s especially galling just two years removed from the NSA revelations.

Cyber bill proponents, which include the White House and industry groups, say the measure provides robust anti-surveillance language that protects Americans. Lawmakers also said they inserted the bill in the omnibus because they wanted to get much-needed legislation passed quickly to help combat the rising threat of cyberattacks.

Then House and Senate members should hop to it. Meet in a formal conference between the two chambers. Debate the merits of the legislation publicly, so that Americans can participate in this important conversation about cybersecurity and our privacy.

Instead, lawmakers have decided against that public discussion. It’s a sign we need it as much as ever.