Nope. Not even a deeply cynical misreading of the bill gets you there. Here's Techdirt's current claims:
While the reports yesterday indicated that the bill would directly allow its use in "surveillance," the list of approved uses was changed slightly to effectively hide this fact. Specifically it says that the information via CISA can be used to investigate a variety of crimes -- and doesn't say "surveillance." But, obviously, surveillance isn't a "crime" that the government will be investigating. It's just the method that the government will use to investigate crimes... which is now allowed under CISA.
Every version of CISA has included this language, and the "variety of crimes" hasn't changed and remains microscopic. The list of approved uses wasn't "changed slightly to effectively hide this fact"; in fact, the only change in the approved list of uses is the removal of an approved use.
Also, yesterday we noted that the proposed change would "remove" the privacy scrub requirements. The final bill didn't completely do that, but basically changed the standard to pretend that it's in there. Rather than demanding a full privacy scrub, the bill lets the Attorney General determine if DHS is doing a reasonable job with its privacy scrub.
"Privacy scrub" is language that Techdirt is using, but the bill never has. The CISA requirements to remove personally identifying information --- which have always applied to private entities --- is unchanged.
While the reports yesterday indicated that the bill would directly allow its use in "surveillance," the list of approved uses was changed slightly to effectively hide this fact. Specifically it says that the information via CISA can be used to investigate a variety of crimes -- and doesn't say "surveillance." But, obviously, surveillance isn't a "crime" that the government will be investigating. It's just the method that the government will use to investigate crimes... which is now allowed under CISA.
Every version of CISA has included this language, and the "variety of crimes" hasn't changed and remains microscopic. The list of approved uses wasn't "changed slightly to effectively hide this fact"; in fact, the only change in the approved list of uses is the removal of an approved use.
Also, yesterday we noted that the proposed change would "remove" the privacy scrub requirements. The final bill didn't completely do that, but basically changed the standard to pretend that it's in there. Rather than demanding a full privacy scrub, the bill lets the Attorney General determine if DHS is doing a reasonable job with its privacy scrub.
"Privacy scrub" is language that Techdirt is using, but the bill never has. The CISA requirements to remove personally identifying information --- which have always applied to private entities --- is unchanged.