Thursday, April 19, 2012

CISPA Keynotes Cybersecurity Week

The Cyber Intelligence Sharing and Protection Act (CISPA), H.R. 3523, is Congress' most recent incarnation of the SOPA/PIPA battle that the Internet community fought and won handily in January of this year.
Congress is set to act on cybersecurity legislation that has been making its way through committees in both chambers for several years. The House is set to vote on these bills during the week of April 23, dubbed "Cybersecurity Week." The Senate will take action soon after.

The House is expected to kick off Cybersecurity week by taking up HR 3523, a bill sponsored by Reps. Mike Rogers (R-Mich.) and C.A. Dutch Ruppersberger (D-Md.).

The House Intelligence Committee approved the bill in a secret session held one day after the bill was introduced and without a single public hearing on the legislation.

The Rogers bill creates a sweeping "cybersecurity exception" to every single federal and state law, including key privacy laws---the Electronic Communications Privacy Act, the Wiretap Act, the Privacy Act—allowing private companies holding our private communications to share them with each other, with the National Security Agency (NSA), and with other intelligence and defense agencies, and all other agencies of the federal government.

...under Rogers, once your personal information is in the hands of the government, all bets are off. It can be used for any national security purpose, including to track patterns of communications to decide whether to seek authorization to wiretap you. In can be used to prosecute you for any crime, provided an intelligence agency also finds at least a significant national security or cyber security purpose for the information.
SOPA and PIPA were strongly supported by organizations like the Motion Picture Association of America (MPAA) and the Recording Industry Association of America (RIAA), who all but wrote the legislation in the first place, but the Internet tech companies were left out of the loop. Those companies became vocal opponents of SOPA and PIPA, and provided considerable assistance in the widespread efforts to kill the legislation.

This time around, members of Congress hope to avoid such problems by co-opting these same companies. As noted in the fourth paragraph quoted above, the private companies holding our private communications will be allowed to share them with each other as well as with government agencies. This blatant bribe just may be working.
Technology companies want the U.S. to bolster cybersecurity, ease immigration restrictions and let funds held abroad be repatriated, said a group with members including Microsoft Corp. (MSFT) (MSFT) and Adobe Systems Inc. (ADBE) (ADBE)

Companies set meetings this week with lawmakers including Representative Mike Rogers, the Michigan Republican sponsoring a cybersecurity bill, and Steven VanRoekel, the U.S. chief information officer.

Cybersecurity legislation must guard privacy and let government share information with businesses, more than 20 business and technology associations said in an April 17 letter to House Speaker John Boehner, an Ohio Republican, and Nancy Pelosi, the California Democrat who is minority leader.

The Cyber Intelligence Sharing and Protection Act would shield companies from lawsuits over exchanging data with the government.
The way this Tireless Agorist reads that first paragraph is "technology companies may sell out if they get permission to data-mine shared customer data, hire more cheap workers from overseas, and bring their profits from overseas operations back home without a serious tax hit." That last paragraph, shielding the companies from lawsuits, is just icing on the cake. But I'm well-known for my cynical view of the crony relationship between corporations and government, so that interpretation may be skewed. I wouldn't recommend sitting on the sidelines as CISPA makes its way through the legislative process, however.

And neither would the American Civil Liberties Union or the Electronic Frontier Foundation.
The American Civil Liberties Union has joined with online activists to battle the legislation.

“We think it allows companies to share way too much sensitive and private information with the government, everything from Internet use history to the content of emails. The way it’s drafted is a little broader than the way sponsors are saying,” said Michelle Richardson, legislative counsel at the ACLU.

The civil rights group will send a letter to Congress Monday stating their opposition.

Online activists have compared the cybersecurity bill to the anti-piracy bills that provoked a strong pushback in January.

“The broad language around what constitutes a cybersecurity threat leaves the door wide open for abuse,” the Electronic Frontier Foundation said in a statement.

“It’s a little piece of SOPA wrapped up in a bill that’s supposedly designed to facilitate detection of and defense against cybersecurity threats. The language is so vague that an ISP could use it to monitor communications of subscribers for potential infringement of intellectual property,” the group added.
...and that's NOT all I have to say about that. More on CISPA and the threat to the Internet tomorrow.

1 comment:

  1. In an Email to our dear friend Thrice Eye, Congressman Chuck Fleischmann explained Cyber Intelligence Sharing and Protection Act or CISPA. This email explains how the people in Government are thinking about this act and have creating support for it while using lucrative and lucid terms to hide the real meaning from the public eye.
    full text is here!