Speaking of cyber related legislation in the United States, here is how CISA will allow the NSA to scrape the internet backbone to scoop up all your emails and other ostensible private correspondence (emphasis added):
Now it appears that Congress may be ready to help the NSA get the information they need to finally crank up their cybersecurity surveillance system. The Senate this week is expected to take up a bill, the Cyber Information Sharing Act (CISA), that would incentivize companies to liberally share “cyber threat indicators” with the Department of Homeland Security by granting them legal immunity from any surveillance laws when they do so.
The companies would be allowed to leave their users’ personal details in the information they give to the government unless they affirmatively know that it is not directly related to a threat, and the DHS would be required to share all of the information with the NSA and other federal agencies.
But that’s just the beginning of how CISA would massively violate privacy.
Any information shared with the government under CISA could be used to turn on the NSA’s latent cybersecurity surveillance powers. As revealed by the Snowden documents, cyber threat indicators can be used by the NSA as selectors to target the warrantless interception and collection of information from the Internet backbone. These selectors — things like email address, IP addresses, ranges of IP addresses, phone numbers, or strings of computer code — are used as filters to select and extract data from Internet traffic.
Importantly, any “incidental” data that is picked up along the way that is not directly related to the threat, including any and all personal data that is hacked or targeted as part of the cyber threat, can be indefinitely retained by the NSA. This could be a massive amount of data if a threat involves a company like Google, Bank of America, or AT&T.