On April 16th, Google and Microsoft jointly sent a letter to Governor Nathan Deal, asking him to veto SB 315. The letter was also sent to Attorney General Chris Carr, Senator Bruce Thompson, Representative Christian Coomer, and Representative Ed Setzler.
In their letter, Google and Microsoft claim that Governor Deal signing SB 315 into law:
…is potentially a grave step that has some known and many unknown ramifications for technology companies, the tech community at large, and any company with a computer network.
Google and Microsoft also offer to work to help craft a better bill, saying they are:
…committed to working with the General Assembly and all interested stakeholders in developing a law on unauthorized computer access that protects all Georgians without authorizing in Georgia code the hacking of other networks and systems under the guise of an undefined concept of “cybersecurity active defense.”
In closing, Google and Microsoft raise concerns that SB 315 will:
…make Georgia a laboratory for offensive cybersecurity practices that may have unintended consequences and that have not been authorized in other jurisdictions.
While answering questions from the well of the Senate during the initial consideration of SB 315, Senator Thompson repeatedly referred to the bill as being “pro business” and “anti hacking”. Senator Thompson also stated that Google participated in the creation of SB 315. The full video of Senator Thompson’s remarks on SB 315 can be found here.
It is worth noting that Google is now asking for a veto of the very bill Senator Thompson says they helped to draft. This about-face by Google is curious, but may have a reasonable explanation. I would be interested in hearing from the company about why they no longer support SB 315.
Recently, Attorney General Carr was quoted as saying:
Senate Bill 315 strikes the proper balance between protecting Georgians from online criminals and not stifling the incredible cybersecurity and infosec infrastructure we have developed in our state
While Attorney General Carr says SB 315 strikes the proper balance, it is clear that neither Google nor Microsoft agree with his assessment.
As it stands now, it seems pretty clear that two major technology companies which do a substantial amount of business in this state, do not view SB 315 as “pro business” or “anti hacking”, nor do they think it “strikes the proper balance.”
Andy Green, Ph.D. 